Google is starting the rollout of a new type of HTTPS certificate that is quantum-resistant yet remains small enough for large-scale use.
Google is beginning the rollout of its plan for a quantum-resistant internet. The focus is on HTTPS certificates. Google is preparing these for the invention of the quantum computer without making the certificates too large. A test in collaboration with Cloudflare is already underway.
Quantum and traditional encryption
Today, HTTPS certificates work with a cryptographic algorithm that relies on a mathematical problem that is unsolvable by a traditional (super)computer. At least, a traditional system cannot crack the encryption within a relevant timeframe—think in the order of a billion years.
A quantum computer works fundamentally differently. The type of encryption used for traditional X.509 certificates falls under the category of problems where quantum computers will excel. Such a system would not need a billion years, but a day or less to break the encryption.
Ready for the Future
When such a quantum computer will arrive remains guesswork. However, the consensus is that it is only a matter of time. Encryption must be ready before the arrival of a real quantum computer, and that is what Google is working on now.
The solution is an HTTPS certificate based on a quantum-resistant algorithm. This is perfectly possible: quantum computers are not magic, and researchers can already develop techniques today that cannot be cracked by quantum computing.
Too large
The only issue is that such a certificate would weigh 2.5 Kb, which is a lot. Current certificates, after all, measure only four bytes. If certificates suddenly become forty times larger, it will not benefit internet loading times.
Google solves this by using a hash tree (or Merkle tree). This is a cryptographic structure in which large volumes of data are bundled, after which they can be verified with a much smaller amount of data.
The combination of such a tree and quantum-resistant algorithms ensures that encryption becomes future-proof while keeping the certificates from becoming too large.
Transparent
As an added bonus, certificates are published transparently in a kind of blockchain. This way, the authenticity of a certificate can always be publicly verified, making it harder for malicious entities to issue certificates.
Google is currently testing the new system together with Cloudflare. About a thousand certificates already rely on the new system. During a website visit, traditional X.509 certificates are still sent along for now, so that a connection can still be established securely if something goes wrong with the new system.
The rollout will take some time. By 2027, Google wants to set up a parallel verification system that is quantum-resistant. When quantum computers eventually pose a risk, a resistant alternative will be ready.