TLS: Google and Cloudflare are testing post-quantum cryptography


Google and Cloudflare are working together to explore how post-quantum algorithms perform in HTTPS connections in practice. Cloudflare's servers and the Google Chrome browser will use two algorithms that are considered promising candidates for future cryptographic standards.


Post-quantum cryptography refers to encryption and signature schemes that are designed so that they cannot be attacked by quantum computers. So far, quantum computers capable of breaking encryption methods exist only in theory. That may change in the future, and then all public-key methods in use today, such as RSA or methods based on elliptic curves, would be insecure.

Connections slowed for unclear reasons

Google had already experimented with post-quantum methods. There were no major problems, but Google developer Adam Langley reported that in some cases connections were unexpectedly slow. With the large-scale experiment that has just started, Cloudflare and Google hope to understand and analyze these and other issues better.

Two algorithms will be used: HRSS-SXY and SIKE. HRSS-SXY is a variant of the NTRU encryption system and belongs to the so-called lattice-based encryption methods. SIKE, on the other hand, is based on supersingular isogenies on elliptic curves. The latter are considered particularly experimental; this type of mathematical construction has only been used for cryptographic methods for a few years.

Both methods have advantages and disadvantages. HRSS-SXY is relatively fast, but the public keys and the encrypted data are each more than one kilobyte in size. For comparison: the largest conventional methods with similar properties are RSA or Diffie-Hellman with 4096 bits, which corresponds to 512 bytes, almost half of that.

SIKE, on the other hand, uses much less data: 330 bytes for a public key and 346 bytes for the encrypted data. In return, it is much slower: encryption is 300 times slower than with HRSS-SXY, and decryption is 100 times slower. There is hope, however, that the gap will narrow in the future thanks to improved calculation algorithms.

Combination with elliptic curves

Neither algorithm is yet part of the official TLS standard, but TLS generally allows additional experimental algorithms to be used. The new algorithms are not used on their own; they are combined with the X25519 key exchange, which is based on elliptic curves. The advantage: even if the new algorithms turn out to be insecure, the security of the proven elliptic curves remains.

Specifically, the experiment works as follows: Cloudflare's servers support both algorithms. Chrome randomly offers one of the two algorithms for each connection. In addition, Chrome continues to offer classic algorithms so that a connection is established in any case. The new algorithms are only supported with TLS 1.3. Cloudflare will collect data about the connections and hopes to be able to analyze the issues better.

Google and Cloudflare are not the only ones preparing for the future of post-quantum cryptography. The US standardization agency NIST is currently running a competition to standardize post-quantum algorithms. SIKE and a slightly different version of HRSS are part of that competition.
