Google’s Chrome to Deploy Merkle Tree Certificates for Quantum-Resistant HTTPS

Google has announced a strategy for its Chrome browser to protect HTTPS certificates from future quantum computer threats while ensuring minimal disruption to internet performance. This initiative aims to address a significant challenge: quantum-resistant cryptographic data required for TLS certificates is approximately 40 times larger than current classical cryptographic materials. A standard X.509 certificate chain today includes six elliptic curve signatures and two EC public keys, each only 64 bytes in size. These signatures and keys can be broken by Shor’s algorithm when run on quantum machines. The entire chain typically measures about 4 kilobytes, all of which must be transmitted during browser-to-site connections.

Increasing certificate size directly impacts connection speed, as noted by Bas Westerbaan, a principal research engineer at Cloudflare, which is working with Google on this transition. “The bigger you make the certificate, the slower the handshake and the more people you leave behind,” Westerbaan explained. He emphasized the importance of avoiding performance degradation that could lead users to disable new encryption features. Additionally, larger certificates can strain “middle boxes,” intermediary devices between browsers and websites, further complicating the adoption of quantum-resistant measures.

To overcome these limitations, Google and Cloudflare are implementing Merkle Trees, a data structure that uses cryptographic hashes to verify large datasets with minimal verification material. This approach replaces the traditional public key infrastructure’s serialized signature chains with compact proofs. In this model, a Certification Authority signs a single “Tree Head” that represents potentially millions of certificates. The certificate sent to the browser is a lightweight proof of inclusion in that tree, drastically reducing data transmission requirements.

Google’s Chrome Secure Web and Networking Team detailed this method in a recent announcement. They stated that Merkle Tree Certificates “replace the heavy, serialized chain of signatures found in traditional PKI with compact Merkle Tree proofs.” This innovation allows the compression of roughly 15 kilobytes of quantum-resistant data into a 700-byte space, enabling efficient and secure HTTPS connections without sacrificing speed or accessibility.
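The inclusion-proof idea described above, as an added example that is not code from Google, Cloudflare or the Merkle Tree Certificates specification. It assumes SHA-256 with RFC 6962-style leaf and node prefixes and constructed entries, and it does not model the real certificate format or the CA's signature over the tree head.

```python
import hashlib

def leaf_hash(entry: bytes) -> bytes:
    # 0x00 prefix separates leaves from interior nodes (RFC 6962 style).
    return hashlib.sha256(b"\x00" + entry).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def _split(n: int) -> int:
    # Largest power of two strictly smaller than n (n >= 2).
    k = 1
    while k * 2 < n:
        k *= 2
    return k

def tree_head(entries: list) -> bytes:
    # The single value the CA would sign on behalf of every entry.
    if len(entries) == 1:
        return leaf_hash(entries[0])
    k = _split(len(entries))
    return node_hash(tree_head(entries[:k]), tree_head(entries[k:]))

def inclusion_proof(entries: list, index: int) -> list:
    # Sibling hashes from leaf to root, each tagged with the side it sits on.
    # A deployed verifier would derive the side from index and tree size.
    if len(entries) == 1:
        return []
    k = _split(len(entries))
    if index < k:
        return inclusion_proof(entries[:k], index) + [("R", tree_head(entries[k:]))]
    return inclusion_proof(entries[k:], index - k) + [("L", tree_head(entries[:k]))]

def verify_inclusion(entry: bytes, proof: list, head: bytes) -> bool:
    # The relying party needs only the entry, the proof and the trusted head.
    h = leaf_hash(entry)
    for side, sibling in proof:
        h = node_hash(h, sibling) if side == "R" else node_hash(sibling, h)
    return h == head

# Constructed sample data: 1000 placeholder certificate entries.
ENTRIES = [f"constructed-cert-{i}.example".encode() for i in range(1000)]

if __name__ == "__main__":
    head = tree_head(ENTRIES)
    proof = inclusion_proof(ENTRIES, 417)
    print(len(proof), "hashes,", 32 * len(proof), "bytes of proof")
    print("valid:", verify_inclusion(ENTRIES[417], proof, head))
    print("forged:", verify_inclusion(b"attacker.example", proof, head))
```

The proof grows with the logarithm of the tree size, so one signed head can cover many entries while each entry carries only a handful of hashes.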
