Google quantum-proofs HTTPS by squeezing 15kB of data into 700-byte space
Source: Ars Technica
Background
Google and other browser makers require that all TLS certificates be published in public transparency logs, which are append‑only distributed ledgers. Website owners can then check the logs in real time to ensure that no rogue certificates have been issued for the domains they use. The transparency programs were implemented in response to the 2011 hack of Netherlands‑based DigiNotar, which allowed the minting of 500 counterfeit certificates for Google and other websites, some of which were used to spy on web users in Iran.
Quantum Threat
If Shor’s algorithm becomes viable, it could be used to forge classical encryption signatures and break the public keys protecting the certificate logs. An attacker could then forge signed certificate timestamps that prove to a browser or operating system that a certificate has been registered when it has not.
Quantum‑Resistant Solution
Google is adding cryptographic material from quantum‑resistant algorithms such as ML‑DSA. This addition would allow forgeries only if an attacker were able to break both classical and post‑quantum encryption. The new regime is part of what Google calls the quantum‑resistant root store, which will complement the Chrome Root Store the company formed in 2022.
Merkle Tree Certificates (MTCs)
The MTCs use Merkle Trees to provide quantum‑resistant assurances that a certificate has been published without having to add most of the lengthy keys and hashes. By employing techniques to reduce data size, the MTCs remain roughly the same 4 kB length they are now, according to Westerbaan.
Implementation
The new system has already been implemented in Chrome. For the time being, Cloudflare is enrolling roughly 1,000 TLS certificates to test how well the MTCs work. Currently, Cloudflare is generating the distributed ledger, with the plan for Certificate Authorities to eventually fill that role.
The Internet Engineering Task Force (IETF) has recently formed a working group called the PKI, Logs, And Tree Signatures (PLANTS), which is coordinating with other key players to develop a long‑term solution.
Outlook
“We view the adoption of MTCs and a quantum‑resistant root store as a critical opportunity to ensure the robustness of the foundation of today’s ecosystem,” Google’s Friday blog post said. “By designing for the specific demands of a modern, agile internet, we can accelerate the adoption of post‑quantum resilience for all web users.”
Post updated to correct reported sizes of various items.