Google quantum-proofs HTTPS by squeezing 2.5kB of data into 64-byte space
Source: Ars Technica
Background
Google and other browser makers require that all TLS certificates be published in public transparency logs, which are append‑only distributed ledgers. Website owners can then check the logs in real time to ensure that no rogue certificates have been issued for the domains they use. The transparency programs were implemented in response to the 2011 hack of Netherlands‑based DigiNotar, which allowed the minting of 500 counterfeit certificates for Google and other websites, some of which were used to spy on web users in Iran.
Quantum Threat
If viable, Shor’s algorithm could be used to forge classical encryption signatures and break the public keys of the certificate logs. An attacker could also forge signed certificate timestamps used to prove to a browser or operating system that a certificate has been registered when it hasn’t.
Google’s Quantum‑Resistant Approach
To mitigate this risk, Google is adding cryptographic material from quantum‑resistant algorithms such as ML‑DSA. This addition would allow forgeries only if an attacker were to break both classical and post‑quantum encryption. The new regime is part of what Google calls the quantum‑resistant root store, which will complement the Chrome Root Store the company formed in 2022.
Merkle Tree Certificates (MTCs)
The MTCs use Merkle Trees to provide quantum‑resistant assurances that a certificate has been published without having to add most of the lengthy keys and hashes. By employing techniques to reduce data size, the MTCs remain roughly the same 64‑byte length they are now, according to Westerbaan.
Implementation and Testing
The new system has already been implemented in Chrome. For the time being, Cloudflare is enrolling roughly 1,000 TLS certificates to test how well the MTCs work. Currently, Cloudflare is generating the distributed ledger, with the plan for Certificate Authorities to eventually fill that role.
The Internet Engineering Task Force (IETF) has recently formed a working group called PKI, Logs, And Tree Signatures (PLANTS), which is coordinating with other key players to develop a long‑term solution.
Outlook
“We view the adoption of MTCs and a quantum‑resistant root store as a critical opportunity to ensure the robustness of the foundation of today’s ecosystem,” Google’s Friday blog post said. “By designing for the specific demands of a modern, agile internet, we can accelerate the adoption of post‑quantum resilience for all web users.”