Google’s Post-Quantum Cryptography Experiment Successful
Quantum Computers Create A Need For New Cryptography Methods.
A few months ago, Chrome began a real-world experiment testing post-quantum cryptography. The experiment involved shipping a new TLS key-agreement method, which was designed to stand up to quantum computers.
The new key-agreement method combined a post-quantum algorithm named “New Hope” with an elliptic curve known as X25519. The resulting combination was named “CECPQ1,” which stands for Combined Elliptic Curve + Post-Quantum 1.
This week, Adam Langley, an engineer working on Chrome, shared an update on the experiment’s progress.
The experiment had two goals: to raise awareness (within the field of cryptography) about a specific type of mathematical problem that poses a risk to post-quantum cryptography, and to get real-world data on using post-quantum cryptography. On both counts, the experiment has been successful.
On both counts, the experiment has been successful.
The real-world telemetry that Chrome collected showed that CECPQ1 performed surprisingly well. Despite being a larger key-agreement method, in terms of bit-size, there was not a notable decrease in performance.
Langley wrote:
”The median connection latency only increased by a millisecond, the latency for the slowest 5% increased by 20ms and, for the slowest 1%, by 150ms…the data requirement of NewHope is moderately expensive for people on slower connections.”
The TLS protocol is notorious for having interoperability problems with specialized hardware and software (like enterprise devices) which don’t fully (or correctly) implement the protocol. But Google did not find any evidence that middleboxes – devices which filter, inspect, or modify packets – were not playing nice with CECPQ1.
Google originally planned to run this experiment for up to two years, but as a result of collecting what it needed, Chrome is now ending the experiment in a forthcoming version of Chrome, just five months later. There was also hesitation to keep CECPQ1 around too long because, as Langley puts it, Google does “not want to promote CECPQ1 as a de-facto standard.”
Post-quantum cryptography is a developing field creating cryptographic algorithms and systems that can remain secure against quantum computers, which have the potential to solve mathematical problems relied upon by ‘traditional’ cryptography hundreds of times faster than today’s computers.
Quantum computers will likely not be a legitimate threat for nearly two decades, but taking the lead on post-quantum cryptography is still important. These systems will one day protect billions of connections and highly-sensitive data, so it’s not something you want thrown together at the last minute.
If you are interested in the threat of quantum computers against traditional cryptography, we covered the basics when Google first launched its experiment.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown