Google is Experimenting Post- Quantum Cryptography in Chrome Canary
The encryption methods available to protect today’s internet communications won’t be impenetrable forever. The advanced cryptography capabilities of future quantum computers could very well crack even the most secure encryption currently available. That’s why Google announced that it has begun an experiment in Chrome Canary browser to test a new post-quantum cryptographic algorithm designed to prevent decryption attacks by code breakers of the future.
The experiment by the search giant
is an effort to check how resistant the new post-quantum cryptographic algorithm is to attacks by quantum computers, a fundamentally different kind of computer that uses quantum bits and the principles of quantum physics to solve certain difficult problems dramatically faster than today’s consumer grade computers. Currently, quantum computers only exist in the form of small experimental machines, but the tech industry has been working on to bring larger and more powerful versions to make them a mainstream reality. Though the machines hold promise for research, they also raise acute challenges for cryptographers.
Unlike conventional computers that deal in bits, quantum computers work with quantum bits, or qubits, each of which can be zero or one or both. The positioning of qubits allows machines to complete multiple computations simultaneously with far greater efficiency, making a quantum computer most desirable for some of the complex tasks. Apparently, one of those workloads could be infiltrating encryption, and so some researchers have been coming up with ways to prevent such attacks. Last year, a few academics developed New Hope algorithm, implemented from Peikert’s ring- learning- with- errors- based (RING-LWE) key-exchange protocol that works with OPENSSL. Google chose to experiment with this new algorithm that is enabled in Chrome on just a few connections between the browser and Google servers, according to the company’s software engineer Matt Braithwaite. However, the test will be conducted only for a couple of years as the Mountain View, California company believes it can replace the algorithm with something better.
According to Braithwaite’s blog post, the post-quantum cryptography algorithm might still be penetrable with conventional computers, in which case the existing elliptic-curve algorithm will continue to provide the best security the current technology can offer. Likewise, if the post-quantum algorithm emerges as secure, then it will protect the connection even against a future quantum computer. The work is crucial considering the fact that the Navy and defense contractor Lockheed Martin have both worked with privately held company D-wave on quantum computing. In the interim, the search giant has been researching development of quantum computing infrastructure, as have Microsoft and IBM, among others.
Those using Chrome Canary can see if the tech giant is experimenting cryptography on a connection to a given page by just opening the Inspect tool (command/control + shift + I) and then going to the Security section. The obvious sign is the code CECPQ1 in the key exchange section, according to Braithwaite.