Google Introduces Chrome Quantum Attack Protection

Google has introduced quantum-resistant encryption to its Chrome web browser, starting with version 116, which was released yesterday.

Chrome security manager Devon O'Brien said in a blog that starting August 15 the browser would integrate support for X25519Kyber768. This security upgrade aims to protect web browsing against potential threats from future quantum computers.

Awkwardly named X25519Kyber768, this advanced quantum-resistant cryptography is a hybrid solution. It melds the two cryptographic algorithms: X25519, a prevalent elliptic curve algorithm used in today's transport layer security (TLS) key agreements, and Kyber-768, a cutting-edge quantum-resistant key encapsulation method (KEM). The innovative hybrid encryption is now accessible in Chrome 116 and is also available, albeit behind a flag, in Chrome 115. 

Quantum-resistant cryptography must protect against both quantum and conventional cryptanalytic attack approaches. In practice, during 2022 and 2023, various top contenders for quantum-resistant cryptographic algorithms were compromised using affordable, off-the-shelf hardware. According to Google, hybrid solutions like X25519Kyber768 offer the adaptability to roll out and evaluate fresh quantum-resistant algorithms while securing connections with a proven algorithm.

Related:Industry Reacts to Google’s Quantum Supremacy Claim

Beyond these factors, these algorithms must also deliver optimal performance on standard commercial hardware, adding another dimension to this intricate issue.

Harvest Now, Decrypt Later

Google says its proactive approach to future-proofing Chrome is already addressing the security concerns of professionals.

“It’s believed that quantum computers that can break modern classical cryptography won't arrive for five, 10, possibly even 50 years from now, so why is it important to start protecting traffic today?" said O'Brien.

"The answer is that certain uses of cryptography are vulnerable to a type of attack called harvest now, decrypt later, in which data is collected and stored today and later decrypted once cryptanalysis improves.”

In TLS, while the symmetric encryption algorithms safeguarding data during transmission are deemed secure against quantum cryptanalysis, the method of generating these symmetric keys isn't. Since this vulnerability exists in Chrome, the company is expediting the update of TLS to incorporate quantum-resistant session keys that will accelerate the protection of user network traffic against prospective quantum cryptanalysis.