QNu Labs

Back to blogs

Google Chrome adds Post-Quantum Encryption Key Protection

QNu Labs   |   Oct 25, 2023

Google made a bold move to fortress the data exchange on the internet by enhancing security features on Chrome.

Before we understand the reason behind this decision, let’s understand a few concepts.

Harvest Now Decrypt Later (HNDL): In an era where data is the new oil, malicious cyber actors are harvesting heaps of data in anticipation of decrypting later using quantum computers.

Post-quantum cryptography (PQC): Quantum computers use the principles of quantum physics to compute data much faster than conventional computers. Without ‘quantum-safe’ cryptography defences in place, military hardware, online financial transactions, and communications could be targeted by hackers with access to quantum computers. PQC is the robust quantum-safe cryptography. 

In light of potential threats from quantum computers, teams across Google are collaborating intensively to prepare the web for a transition to quantum-resistant cryptography.

Google’s Chrome team wrote in their blog that they are revising technical standards, implementing and evaluating new quantum-resistant algorithms, and engaging with the broader technology community to ensure a seamless transition.

Google Chrome will use a hybrid key encapsulation mechanism (KEM) to protect the sharing of symmetric encryption secrets while establishing secure TLS network connections. TLS (Transport Layer Security) is a security protocol that provides privacy and data integrity for Internet communications.

A KEM establishes a shared secret key between two people so they can communicate confidentiality using symmetric key encryption. Symmetric encryption requires a sender and a receiver to have identical digital keys to encrypt and decrypt data.

Google is deploying a hybrid version of two algorithms: X25519 and Kyber-768 in Chrome.

Google’s new approach will contribute an extra quantum-resistant layer of encryption. It does so by encasing the X25519 keys with a quantum-resistant, Kyber-768 encapsulation layer.

Although quantum computers that can break classical cryptography aren’t expected in the near term, Google’s attempt at protecting traffic with quantum-resistant tech is still relevant because of HNDL.

Devon O’Brien, technical program manager for Chrome security, said that while symmetric encryption algorithms used to defend data travelling on networks are considered safe from quantum cryptanalysis, the way the keys get negotiated is not. By adding support for a hybrid KEM, Chrome should provide a stronger defence against future quantum attacks.

Google’s priority stems from the need to accelerate quantum-resistant cybersecurity and quantum-driven transition. It underscores the company’s commitment to safeguarding user data against the evolving landscape of cyber threats.