Jump to content
  • Enhancing TLS Security: Google Adds Quantum-Resistant Encryption in Chrome 116

    aum

    • 400 views
    • 2 minutes
     Share


    • 400 views
    • 2 minutes

    Google has announced plans to add support for quantum-resistant encryption algorithms in its Chrome browser, starting with version 116.

     

    "Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115," Devon O'Brien said in a post published Thursday.

     

    Kyber was chosen by the U.S. Department of Commerce's National Institute of Standards and Technology (NIST) as the candidate for general encryption in a bid to tackle future cyber attacks posed by the advent of quantum computing. Kyber-768 is roughly the security equivalent of AES-192.

     

    The encryption algorithm has already been adopted by Cloudflare, Amazon Web Services, and IBM.

     

    X25519Kyber768 is a hybrid algorithm that combines the output of X25519, an elliptic curve algorithm widely used for key agreement in TLS, and Kyber-768 to create a strong session key to encrypt TLS connections.

     

    "Hybrid mechanisms such as X25519Kyber768 provide the flexibility to deploy and test new quantum-resistant algorithms while ensuring that connections are still protected by an existing secure algorithm," O'Brien explained.

     

    While it's expected to take several years, possibly even decades, for quantum computers to pose severe risks, certain kinds of encryption are susceptible to an attack called "harvest now, decrypt later" (aka retrospective decryption) in which data that's encrypted today is harvested by threat actors in hopes of decrypting it later when cryptanalysis becomes easier due to technological breakthroughs.

     

    This is where quantum computers come in, as they are capable of efficiently performing certain computations in a manner that can trivially defeat existing cryptographic implementations.

     

    "In TLS, even though the symmetric encryption algorithms that protect the data in transit are considered safe against quantum cryptanalysis, the way that the symmetric keys are created is not," O'Brien said.

     

    "This means that in Chrome, the sooner we can update TLS to use quantum-resistant session keys, the sooner we can protect user network traffic against future quantum cryptanalysis."

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...