Google Hardens Chrome’s Security Against Quantum Computer Encryption Hacking
It may still be in the early days for quantum computers, but Google is already experimenting with post-quantum cryptography. Someone could potentially retroactively break any communications that were encrypted with today’s standard encryption algorithms. Google is attempting to encrypt some of its connections through post-quantum cryptography to avoid this possible problem.
Google remarked, “Our aims with this experiment are to highlight an area of research that Google believes to be important and to gain real-world experience with the larger data structures that post-quantum algorithms will likely require.”
Google is utilizing the New Hope algorithm which was designed by Erdem Alkim, Léo Ducas, Thomas Pöppelmann, and Peter Schwabe. The company argues that it was the “most promising post-quantum key-exchange” when they began investigating in December 2015. The company hopes that by adding a post-quantum algorithm on top of the existing one, that it will be able to experiment without affecting user security. If the post-quantum alogorithm is breakable, the elliptic-curve algorithm should still provide the necessary security.
At this time, Google does not plan to make the post-quantum algorithm a de-facto standard. This experiment is currently enabled in Chrome Canary, which is an extremely experimental branch of Google Chrome. If there is a bug that would "kill" Chrome Canary, the Chrome developers can fix it before it reaches more stable Chrome channels. The name comes from the term “canary in a coal mine”. Because of their small size, rapid breath rate, and high metabolism, canaries would be the first to succumb from carbon monoxide poisoning in mines. Their deaths would therefore warn miners if there was a high amount of carbon monoxide in the air.
Only a small number of connections between the browser and Google’s servers will use this new algorithm. Uses can see if whether the algorithm is being use by opening the recently introduced Security Panel and looking for “CECPQ1”. Not all Google domains will have it enabled and the experiment may appear and disappear a few times. The experiment should end in two years.