Google adds post-quantum encryption key protection to Chrome
Google adds post-quantum encryption key protection to Chrome
QC crypto-cracking coming in 5, 10, maybe 50 years, so act … now?
Google has started deploying a hybrid key encapsulation mechanism (KEM) to protect the sharing of symmetric encryption secrets during the establishment of secure TLS network connections.
Devon O'Brien, technical program manager for Chrome security, explained on Thursday that starting in Chrome 116 – due August 15 – Google's browser will include support for X25519Kyber768, an alphanumeric salad that desperately needs a catchy name.
The unwieldy term is a concatenation of X25519, an elliptic curve algorithm that's currently used in the key agreement process for establishing a secure TLS connection, and Kyber-768, a quantum-resistant KEM that last year won NIST's blessing for post-quantum cryptography.
A KEM is a way to establish a shared secret value between two people so they can communicate confidentiality using symmetric key encryption. It's a precursor ritual to secure information exchange over a network. Unless you're a cryptographer or just love math, you're probably fine not knowing the technical details.
Google is deploying a hybrid version of these two algorithms in Chrome so the web goliath, users of its technology, and other network providers like Cloudflare, can test quantum-resistant algorithms while maintaining current protections.
The Chocolate Factory is doing so because some day, many very bright people believe, quantum computers will be able to break at least some legacy encryption schemes. That belief is what motivated US technical agency NIST in 2016 to call for future-proof encryption algorithms.