Google has announced a new program in its Chrome browser that ensures HTTPS certificates are secure against future risks posed by quantum computers.
“To ensure ecosystem scalability and efficiency, Chrome has no immediate plans to add traditional X.509 certificates, including post-quantum cryptography, to the Chrome root store,” the Chrome Secure Web and Networking Team said.
“Instead, Chrome is working with other partners to develop an evolution of HTTPS certificates based on Merkle Tree Certificates (MTC), currently under development in the PLANTS working group.”
As described by Cloudflare, MTC is a next-generation public key infrastructure (PKI) proposal used to secure the Internet that aims to reduce the number of public keys and signatures in a TLS handshake to the minimum necessary.
Google says that in this model, a certificate authority (CA) signs a single “tree head” representing millions of certificates, and the “certificate” sent to the browser is a lightweight certifier that it belongs in that tree.
In other words, MTC facilitates the deployment of post-quantum algorithms without incurring the additional bandwidth associated with traditional X.509 certificate chains. This approach decouples the security strength of the corresponding cryptographic algorithm from the size of the data transmitted to the user, the company added.
“By reducing the authentication data in the TLS handshake to an absolute minimum, MTC aims to keep the post-quantum web as fast and seamless as today’s Internet, maintaining high performance even as we employ stronger security,” Google said.
The tech giant said it is already experimenting with MTC using real internet traffic and plans to gradually expand its rollout in three different phases by the third quarter of 2027.
Phase 1 (in progress) – Google is working with Cloudflare to conduct a feasibility study to evaluate the performance and security of TLS connections that rely on MTC. Phase 2 (Q1 2027) – Google plans to invite Certificate Transparency (CT) log operators with at least one “usable” log in Chrome by February 1, 2026 to participate in the initial bootstrapping of the public MTC. Phase 3 (Q3 2027) – Google finalizes requirements for onboarding additional CAs to the new Chrome Quantum-Resistant Root Store (CQRS) and corresponding root programs that only support MTC.
Google said, “We believe the adoption of MTC and quantum-proof root stores is an important opportunity to ensure the robustness of the foundations of today’s ecosystem.” By designing for the specific demands of today’s agile Internet, we can accelerate the adoption of post-quantum resilience for all web users.
Source link
