Google Chrome tests future of encryption with post-quantum crypto

Google is testing a post-quantum cryptographic algorithm in Chrome Canary to improve the future of encrypted communications

Experiments are a way of life at Google, and the company's latest project is focused on using post-quantum cryptographic algorithms in Chrome to future-proof encrypted digital communications.

Google is focusing its research on finding a way to secure today's communications so they cannot be decrypted by a quantum computer some years down the road. A small fraction of connections between desktop Chrome and Google's servers will use a post-quantum key-exchange algorithm in addition to the elliptic-curve key-exchange algorithm that would typically be used, Matt Braithwaite, a software engineer at Google, wrote on the Google Security blog.

"Our aims with this experiment are to highlight an area of research that Google believes to be important and to gain real-world experience with the larger data structures that post-quantum algorithms will likely require," Braithwaite said.

Post-quantum cryptography refers to the study of cryptographic primitives that remain secure even against quantum computers. Current cryptographic algorithms used in protocols such as TLS (used by HTTPS) are considered secure because it is difficult and time-consuming to factor enormous numbers.

Given enough time and processing power, most digital communications encrypted with existing cryptographic algorithms can be broken, calling into the question the long-term security of existing methods. Conversations currently considered secure can potentially be cracked in the future if someone successfully builds a large enough quantum computer, which uses quantum physics to perform calculations and solve problems much faster than conventional computing.

Many types of information need to remain confidential for decades, so the possibility of a future quantum computer being fast and powerful enough to break existing encryption is a worrying one.

The experiment relies on New Hope, a post-quantum algorithm developed by four scientists in Turkey, the Netherlands, and Germany. While Braithwaite called New Hope "the most promising," he also warned against adopting New Hope as a de-factor standard. To reinforce the fact that New Hope isn't the only algorithm available, Braithwaite said Google plans to discontinue the experiment within two years.

New Hope algorithm is currently in use only in Chrome's test version, the Chrome Canary build.

The last thing Google wants during the experiment is to inadvertently expose user data because it made a mistake with the post-quantum algorithm. To make sure everything is protected, the company will continue to use elliptic-curve key-exchange to encrypt all digital communications, and will use the post-post-quantum algorithm at the same time. This way, if the post-quantum algorithm turns out to be crackable by conventional computers, user communications remain protected because the existing method is still in place.

As Braithwaite noted in the post, the future of quantum computer is still murky and it's not even certain that large quantum machines will ever be built. Google, IBM. Microsoft, and Intel are among the tech giants trying to make those machines a reality, and there are lots of smart scientists working in the area.  Even if the computer is still years away from reality, it's still a good idea to begin thinking about the potential challenges to cryptography these computers pose.

"While it's still very early days for quantum computers, we're excited to begin preparing for them, and to help ensure our users' data will remain secure long into the future," Braithwaite said.