Google announced Thursday that it is experimenting with post-quantum cryptography with Chrome that it hopes will prevent quantum hacking. The new style of encryption key is already being tested alongside current security measures over a small number of connections between Chrome and Google's servers. According to a blog post written by Google's software engineer Matt Braithwaite, the key if successful should stand up to future large quantum computers. Quantum computers, which use certain aspects of quantum physics, are capable of solving problems much faster than our present-day binary computers. These computers can also easily crack our current secure digital connections.
Quantum computing provides the processing hardware necessary to run Shor's Algorithm at scale and perform even the most difficult underlying math problems very efficiently. Quantum also offers the power to identify secret cryptographic keys in an extremely efficient way. This could potentially expose businesses to threat actors globally--and all at once. This disruption eclipses the diligent planning and deep investment that went into Y2K preparations. It is an immense, high-impact event that will override existing cryptography methods and make current infrastructure and application protections irrelevant.
Few of us give much thought to the tiny padlock symbol that appears in our web browsers every time we use an e-commerce site, send and receive emails, or check our bank or credit card accounts. But it's a signal that the online services are using HTTPS, a web protocol that encrypts the data we send across the internet and the responses we receive. This and other forms of encryption protect all kinds of electronic communications, as well as things like passwords, digital signatures, and health records.
The encryption methods used to secure today's Internet communications won't be impenetrable forever. More powerful "quantum computers" on the horizon could very well crack them. That's why Google is testing out new cryptography that computers in the future might not be able to break. The processing power offered by "hypothetical, future" quantum computers could be enough to "decrypt any internet communication that was recorded today," wrote Matt Braithwaite, a Google software engineer in a company blog post on Thursday. This could affect the Transport Layer Security (TLS) protocol used when visiting websites.
For years, experts have warned users to use secure browser communications whenever possible. If you visit a site and the URL in your browser's address bar starts with "https://", you know the communication between your computer and the server is encrypted. But that encryption, according to Google, has a potential weakness. If quantum computers get sufficiently powerful in the future, they could be used to break TLS, the cryptographic protocol that's one of the foundations of HTTPS. Worse, a future quantum computer might be able to retroactively decrypt today's internet communications.