Quantum Untangled: Google Chrome's Quantum Horizons
Quantum Untangled: Google Chrome's Quantum Horizons
The search engine plays around with Kyber magic
Google Chrome dominates the worldwide browser market, with about 67% of all website activity going through the search giant’s browser. With this market dominance comes a degree of responsibility to protect the flow of information, both now and when quantum computers can crack modern-day encryption. To prepare for this moment, Google has added quantum-resistant cryptography to Chrome with version 116.
One of the biggest challenges for a company like Google, when deciding on a post-quantum algorithm for software like Chrome, is performance. They have to find a solution that can deliver protection without slowing down their standard commercial hardware or – much worse – introducing unanticipated security flaws. That’s a fear shared by the US National Institute of Standards and Technology (NIST), which launched a six-year competition in 2016 to find new encryption standards capable of resisting the raw power of quantum computation. Rather infamously, several protocols during that contest succumbed to the comparatively puny computational power of classical machines.
NIST is more confident about Kyber-768, which emerged as one of its competition finalists last year. So is Google. Last week, the search giant announced its intention to combine the quantum-resistant key encapsulation method (KEM) with a classical encryption standard and begin weaving it into its Chrome browser. The result, which Google has christened ‘X25519Kyber768,’ should – in theory – protect the world’s most popular browser against the hackers of tomorrow and today.
But why bother with all this right now, when most quantum computers can barely harness more than a dozen qubits at a time? The reason, as multiple big tech firms and national governments are now loudly reminding us, is that cybercriminals may already be conducting so-called ‘harvest now, decrypt later’ (HNDL) attacks, scooping up masses of encrypted data now in the hope that, though useless to them today, will prove to be a bonanza tomorrow, or whenever they get their hands on a truly powerful quantum computer capable of cracking Shor’s Algorithm.
It’s a possibility that seems to have made Google feel acutely vulnerable. While the symmetric encryption algorithms protecting online data in transit are safe (for now) from quantum cryptanalysis, explained Chrome’s technical program manager for security Devon O’Brien, the way symmetric keys for those algos are created is not. “This means that in Chrome,” added O’Brien, “the sooner we can update TLS [the Transport Layer Security] to use quantum-resistant session keys, the sooner we can protect user network traffic against future quantum cryptanalysis.”
X25519Kyber768 should provide that protection, at least for now. But it isn’t flawless. For one thing, the hybrid algorithm adds a kilobyte of extra data to the connection process, thanks to the addition of the Kyber keys to the mix – a situation most systems can cope with, says O’Brien, but in rare cases may result in a failure to transmit the data. More serious, though, are the efforts of cryptographic researchers to undermine Kyber-768. In March, a trio of researchers at the KTH Royal Institute of Technology in Sweden claimed to have broken the standard using a so-called ‘side-channel attack,’ wherein encryption protocols are undermined through the measurement of physical properties associated with the connection like electromagnetic emissions, supply current and execution times.
Has Google, then, accidentally woven an insecure post-quantum algorithm into Chrome? Probably not. Reacting to the KTH team’s breakthrough, NIST mathematician Dustin Moody told Hacker News that, while further research into them was undoubtedly necessary, side-channel attacks remain highly impractical. That leaves aside the fact that, until we actually have a high-performing quantum computer, any question about whether or not this or that algorithm will be invulnerable to its computational charms will be academic.
As such, major international institutions continue to plough their own post-quantum cryptography furrows. Google’s decision announcement about X25519Kyber768 came as the US cyber defence agency CISA, alongside the NSA and NIST, published new information for organisations migrating to post-quantum cryptography. Meanwhile, the first truly global standards for post-quantum cryptography are due to be published by NIST next year.
For now, companies like Google are using the best available algorithms in partnership with the best classical encryption tools. And what’s wrong with that? While we don’t have any evidence yet of HNDL attacks in the wild, they’re probably coming — and it’s about time that the world’s most popular browser prepares itself accordingly.
One more thing…
Quantum Untangled isn’t the only newsletter being published by the mighty New Statesman Media Group. For any of you who want to follow the story of the total transformation of the global economy, our colleagues at the New Statesman's Spotlight on Policy vertical are sending out the weekly Green Transition newsletter. Subscribe for free weekly updates on Bidenomics, Securonomics and the shift to net zero-nomics — all on Substack.
Partner content
The security challenges of digitalising the energy grid - Tech Monitor
How do we restore trust in the public sector? - The New Statesman
Brands must seek digital fashion solutions - Tech Monitor
The new to direct capital deployment to decarbonise household electrification - Capital Monitor
What factors drive data centre vendor selection? - Tech Monitor