Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome

Source: The Hacker News

Google has announced a new program in Chrome to ensure that HTTPS certificates remain secure against the future risk posed by quantum computers.

“To ensure the scalability and efficiency of the ecosystem, Chrome has no immediate plan to add traditional X.509 certificates containing post‑quantum cryptography to the Chrome Root Store,” the Chrome Secure Web and Networking Team said.
“Instead, Chrome, in collaboration with other partners, is developing an evolution of HTTPS certificates based on Merkle Tree Certificates (MTCs), currently in development in the PLANTS working group.”

Merkle Tree Certificates (MTCs)

MTCs are a proposal for the next generation of the Public Key Infrastructure (PKI) used to secure the internet. They aim to reduce the number of public keys and signatures in the TLS handshake to the bare minimum required.

Under this model, a Certification Authority (CA) signs a single Tree Head representing potentially millions of certificates. The certificate sent to the browser is a lightweight proof of inclusion in that tree.

In other words, MTCs facilitate the adoption of post‑quantum algorithms without incurring the additional bandwidth associated with classical X.509 certificate chains. The approach decouples the security strength of the cryptographic algorithm from the size of the data transmitted to the user.

“By shrinking the authentication data in a TLS handshake to the absolute minimum, MTCs aim to keep the post‑quantum web as fast and seamless as today’s internet, maintaining high performance even as we adopt stronger security,” Google said.

Phases of Rollout

Google is experimenting with MTCs on real internet traffic and plans to expand the rollout in three distinct phases by the third quarter of 2027:

1. Phase 1 – Feasibility Study (in progress)
   Google is conducting a feasibility study with Cloudflare to evaluate the performance and security of TLS connections that rely on MTCs.

2. Phase 2 – Initial Bootstrapping (Q1 2027)
   Google will invite Certificate Transparency (CT) log operators that have at least one usable log in Chrome (before February 1 2026) to participate in the initial bootstrapping of public MTCs.

3. Phase 3 – Quantum‑Resistant Root Store (Q3 2027)
   Google will finalize the requirements for onboarding additional CAs into the new Chrome Quantum‑Resistant Root Store (CQRS) and the corresponding Root Program that supports only MTCs.

“We view the adoption of MTCs and a quantum‑resistant root store as a critical opportunity to ensure the robustness of the foundation of today’s ecosystem,” Google said. “By designing for the specific demands of a modern, agile internet, we can accelerate the adoption of post‑quantum resilience for all web users.”