- The team behind Chrome, Google’s widely-used web browser, report they are preparing for a post-quantum cybersecurity era by updating technical standards, testing and deploying new quantum-resistant algorithms.
- Chrome will rely on a hybrid approach, which can protect from both potential classical and quantum attacks.
- The Chrome team also says it strategy will address the “Harvest Now, Decrypt Later” threat.
In a move towards bolstering cybersecurity against the looming threat of quantum computers, teams across Google are collaborating intensively to prepare the web for a transition to quantum-resistant cryptography, according to a recent blog post on the Chromium Blog.
Google’s Chrome team writes in the blog that the project involves revising technical standards, implementing and evaluating new quantum-resistant algorithms and engaging with the broader tech community to ensure a seamless transition.
As part of this quantum cybersecurity initiative, Chrome, Google’s widely-used web browser, will rely on a new method for establishing symmetric secrets in Transport Layer Security (TLS) connections, as outlined in the post. Commencing with the Chrome 116 version of the browser and available behind a flag — a way to activate browser features that are not available by default — in Chrome 115, Chrome will now support X25519Kyber768 for creating session keys to encrypt the bulk of TLS connections.
According to the blog post, X25519, a prevalent elliptic curve algorithm in contemporary TLS key agreement, partners with Kyber-768—a quantum-resistant Key Encapsulation Method and a recipient of NIST’s Post-Quantum Cryptography (PQC) award for general encryption. This pioneering hybrid mechanism combines the outputs of both algorithms to craft the crucial session key, rendering data transmission secure against potential quantum attacks.
Google’s phased approach involves a rigorous rollout of X25519Kyber768 to Chrome and Google servers across both TCP and QUIC protocols, the post states. During this rollout, Google is actively scrutinizing any compatibility discrepancies that may arise. Chrome may also employ this updated key agreement when connecting to third-party servers like Cloudflare, as they integrate support.
The motivation for this quantum-driven shift in cryptography, according to the post, lies in the face of evolving cyber threats. Quantum computers, although not expected to become practical for several years, have the potential to compromise existing asymmetric cryptography methods. This potential threat is creating the urgency to adapt cryptographic protocols to withstand quantum attacks.
However, transitioning to quantum-resistant cryptography isn’t without challenges. As highlighted in the blog post, quantum-resistant algorithms must not only fend off quantum cryptanalysis but also classical cryptanalysis techniques. The need for these algorithms to perform efficiently on commercially available hardware further complicates the endeavor.
This development also addresses the “Harvest Now, Decrypt Later” threat, wherein data intercepted today could be decrypted once quantum cryptanalysis becomes more powerful. While current symmetric encryption algorithms remain resilient, the method of creating symmetric keys needed an upgrade. By adopting quantum-resistant session keys in Chrome’s TLS, the browser aims to fortify users’ network traffic against future quantum threats.
Deploying X25519Kyber768, however, introduces a new consideration, as detailed in the blog post: it adds extra data to the TLS ClientHello message. Google’s preliminary testing, according to the post, indicates compatibility with most TLS implementations. To facilitate a seamless transition, administrators can temporarily disable X25519Kyber768 using the PostQuantumKeyAgreementEnabled enterprise policy, available from Chrome 116. This measure is intended as a stopgap while the industry adjusts to the new cryptographic landscape.
In the larger context, as mentioned in the blog post, both the X25519Kyber768 and Kyber specifications remain in draft form and are subject to change. Chrome’s implementation could consequently evolve to align with any specification updates.
As Google continues to blaze a trail towards quantum-resistant cybersecurity, this quantum-driven transition, as revealed in the blog post, underscores the company’s commitment to safeguarding user data against the evolving landscape of cyber threats.