Google Prepares Chrome for a World After Quantum

Google has announced a new project to make HTTPS certificates safe from quantum computers.
The project, named PLANTS (PKI, Logs, And Tree Signatures), is meant to fix the performance and bandwidth problems that arise when larger quantum-resistant cryptography is used in TLS connections that require Certificate Transparency (CT).

If the current digital certificates used by TLS connections were simply replaced with quantum-resistant cryptography certificates, it would make those connections much less secure against attacks by quantum computers in the future. It would also use up a lot of bandwidth.

“The cryptography we use today is quite tiny and can be broken by quantum computers. It’s very efficient in size,” said Bas Westerbaan, a research engineer at Cloudflare, a web performance and security business based in San Francisco.

He told TechNewsWorld, “We’ve become a little addicted to how small it is.”

He said, “Quantum-resistant cryptography is usually 40 times bigger.” “That makes things harder because we’ve gotten used to using a lot of cryptography on some web connections.”

Rebecca Krauthamer, CEO and co-founder of QuSecure, a company in San Mateo, California that makes quantum-safe security solutions, said that browsers terminate TLS billions of times a day and that certificate authentication is the most important step in loading a page.

She told TechNewsWorld that “Today’s public web handshake often has more than one signature and key because of certificate chains and Certificate Transparency-related proofs.” “That extra work was okay with small classical signatures, but post-quantum signatures and key material are much bigger, which means more bytes on the wire, longer handshake times, and more ways for things to go wrong, like fragmentation and stress on intermediaries.”

She remarked, “At the scale of the internet, bigger handshakes turn into slower handshakes that make the network more congested and make it harder for connections with limited bandwidth.”

Google’s answer to possible performance problems caused by quantum-resistant cryptography is to improve HTTPS certificates with Merkle Tree Certificates (MTCs).

Instead of the long, serialized chain of signatures common in standard PKI, MTCs use small Merkle tree proofs. According to Google’s security blog, in this model a Certification Authority (CA) signs a single “Tree Head” that might stand for millions of certificates, and the “certificate” delivered to the browser is really just a small proof of inclusion in that tree.

Google noted that MTCs make it possible to use strong post-quantum techniques without the huge bandwidth cost of old certificate chains.
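
The tree-head-plus-inclusion-proof model described above can be sketched as follows. This is an added example, not code from Google, Cloudflare or the PLANTS drafts; it assumes the RFC 6962-style SHA-256 Merkle hashing used by Certificate Transparency rather than the MTC wire format, uses constructed entries, and omits the CA's signature over the tree head.

```python
import hashlib

def leaf_hash(entry: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + entry).digest()          # 0x00 prefix: leaf

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()   # 0x01 prefix: interior node

def split(n: int) -> int:
    """Largest power of two strictly less than n (n >= 2)."""
    return 1 << ((n - 1).bit_length() - 1)

def tree_head(entries):  # root hash the CA would sign once for the whole batch
    if len(entries) == 1:
        return leaf_hash(entries[0])
    k = split(len(entries))
    return node_hash(tree_head(entries[:k]), tree_head(entries[k:]))

def inclusion_proof(entries, index):
    """Sibling hashes on the path from leaf `index` up to the root."""
    if len(entries) == 1:
        return []
    k = split(len(entries))
    if index < k:
        return inclusion_proof(entries[:k], index) + [tree_head(entries[k:])]
    return inclusion_proof(entries[k:], index - k) + [tree_head(entries[:k])]

def root_from_proof(leaf, index, size, proof):
    """Recompute the root from one leaf hash and its proof; None if malformed."""
    if size == 1 or not proof:
        return leaf if size == 1 and not proof else None
    k = split(size)
    if index < k:
        sub = root_from_proof(leaf, index, k, proof[:-1])
        return node_hash(sub, proof[-1]) if sub else None
    sub = root_from_proof(leaf, index - k, size - k, proof[:-1])
    return node_hash(proof[-1], sub) if sub else None

def verify(entry, index, size, proof, head):
    """Client-side check: does `entry` sit at `index` under the trusted head?"""
    return 0 <= index < size and root_from_proof(leaf_hash(entry), index, size, proof) == head

# Constructed sample batch: 1000 made-up certificate entries (not real data).
ENTRIES = [f"site{i}.example|constructed-key-{i}".encode() for i in range(1000)]
HEAD = tree_head(ENTRIES)
PROOF = inclusion_proof(ENTRIES, 421)

if __name__ == "__main__":
    print(len(PROOF), "hashes,", 32 * len(PROOF), "bytes; valid:",
          verify(ENTRIES[421], 421, len(ENTRIES), PROOF, HEAD))
```

The proof for one entry among 1000 is ten 32-byte hashes, and its size depends only on the number of entries in the tree, not on the signature algorithm that protects the tree head.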

Google also said that MTCs decouple the security strength of the underlying cryptographic algorithm from the amount of data sent to the user. By reducing the authentication data in a TLS handshake to the absolute minimum, MTCs aim to keep the post-quantum web as fast and seamless as today’s internet, maintaining high performance even as stronger security is adopted.

Jeremy Samuelson, executive vice president of AI and innovation at Integrated Quantum Technologies, a post-quantum AI infrastructure company, said, “MTCs are promising because their core design goal keeps post-quantum authentication feasible without ballooning every single TLS handshake.”

But he said that the system creates an ecosystem of dependencies that could cause problems. He told TechNewsWorld, “There are definitely some operational challenges that always come with introducing a new ecosystem of dependencies, which is basically what they’re doing.”

Roger Grimes, CISO advisor at KnowBe4, a security awareness training company in Clearwater, Florida, said that while MTCs could help with performance and bandwidth issues, other problems won’t show up until they are used on a large scale.

He told TechNewsWorld, “It’s a whole new way of doing [digital certificates] and TLS.” “All software, firmware, and hardware that was coded the old way will need to be updated or replaced.”

He stated, “I see what Google is doing as a sign of the market growing up as it moves from theory to practice. Google is leading the way and making the tough choices that others will follow.”

Tim Williams, CTO of ProteQC, a London-based post-quantum cryptography advisory and consulting firm, said that MTCs will only become popular if they are adopted as internet architecture standards and supported by other vendors.

He did say, though, that for companies other than Google, these are changes that have been forced on them that they haven’t planned for or budgeted for. He told TechNewsWorld that “many vendors and customers will find it hard to keep up with Google’s changes in the timeframes Google is asking for.”

More Than a Browser Update

Antonio Sanchez, chief strategy officer at Quantum XChange, a post-quantum secure communications company in Bethesda, Md., said that Google’s announcement makes it even more important for businesses to protect themselves from harvest now, decrypt later (HNDL) attacks. In these attacks, hackers steal encrypted data now and hope to decrypt it later with a quantum computer.

He told TechNewsWorld, “It also shows how important it is to solve this problem without making the user experience worse.”

He went on to say, “The move to post-quantum cryptography is not a software update that can be fixed.” “It’s a digital transformation project that needs a new way of doing things and a new architecture made just for the quantum age.”

“This is more than just an update to the browser,” said Allan Francis Beechinor, the chief AI strategist and inventor-founder of EmergeGen, a company that helps create AI-ready knowledge environments. “It is Chrome saying that quantum-safe trust needs to be built into the web stack in a way that can grow and work.”

He told TechNewsWorld, “Moving early on certificate infrastructure forces the ecosystem to deal with performance, governance, and interoperability now instead of waiting until later.”

Bobby Kuzma, director of offensive cyber operations at ProCircular, a cybersecurity consulting firm in Coralville, Iowa, said, “Google is the first browser developer to try to ship a solution for quantum computing that is widely available against TLS transactions.”

“I’m glad to see someone take the lead and get a standards-based solution out into the world, even if the standard isn’t 100% ready yet.”

A Very Important Change

Brian Trzupek, senior vice president of product at DigiCert, a global digital security company, said that Google’s move was “one of the most important moves we’ve seen toward preparing the web’s trust infrastructure for the post-quantum era.”

He told TechNewsWorld that “Google is signaling that the move to quantum-resistant authentication on the public internet won’t just be a drop-in algorithm swap.” “Instead, they want to completely change how certificates are structured, issued, and verified, going from traditional certificate chains to Merkle Tree Certificates.”

He said, “The ambition and the timeline are what make this important.” “Google is already live-testing MTCs with Cloudflare and has made a clear three-phase plan for a brand new quantum-resistant root store by the end of 2027.” This news is a warning to everyone in the CA ecosystem: the structure of web PKI is going to change, and businesses who want to stay relevant need to start getting ready immediately.

He went on to say, “We also think it’s important that open standards are driving this change.” “Google’s work in the IETF PLANTS group and with Cloudflare and the CA community as a whole makes sure that the infrastructure works for everyone, not just one browser or cloud provider.”
