Pre-shared key (PPK) for Post-Quantum resistance

David Woodhouse dwmw2 at
Mon Apr 26 23:33:42 BST 2021

On Mon, 2021-04-26 at 15:44 -0400, David Johnston wrote:
> Good Day OpenConnect/ocserv mailing list,
> I have a client who has a requirement for an SSL VPN with an
> additional pre-shared key for post-quantum resistance. (Like PPKs in
> IPSec, or the additional symmetric key in Wireguard) We would rather
> not use OpenVPN.
> Does anybody have any ideas of how we could accomplish this in
> OpenConnect? Is there some gnuTLS priority string we can use? If I was
> to mod the source code, where would I start?

I'm assuming you want to do this in conjunction with ocserv on the
server side, using the AnyConnect protocol?

Would it suffice to use DHE_PSK for the TLS connection? That
concatenates the PSK with the DH-generated "supposedly PFS" key, to
generate the Master Secret used for encrypting that session.

The DTLS connection is already using PSK; you could either mix in an
additional shared secret on both client and server side, or perhaps you
don't need to if the TLS connection is already secured?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5174 bytes
Desc: not available
URL: <>

More information about the openconnect-devel mailing list