Back to Discover

Google quantum-proofs HTTPS by squeezing 15kB of data into 700-byte space

March 1, 2026
Ars technica
Google quantum-proofs HTTPS by squeezing 15kB of data into 700-byte space

Here's something that caught my attention — Google's Chrome team is working on quantum-proof HTTPS, and the trick is, it’s tiny but mighty. Normally, securing web traffic with certificates involves a lot of data — think about a chain that’s around 4 kilobytes. But with the rise of quantum computers, that data could become crackable, as Dan Goodin reports at Ars Technica. The challenge? Making these quantum-resistant certificates big enough to be secure, but small enough not to slow things down. According to Bas Westerbaan from Cloudflare, if the certificates get too bulky, browsers will slow to a crawl, and people might just turn off the new security. Now, here’s where it gets clever — Google’s plan is to squeeze 15,000 bytes of info into just 700 bytes, using some advanced math. That way, they keep security tight without losing speed or leaving anyone behind. As Dan Goodin points out, this innovation could shape how we stay safe online in a quantum future — pretty wild, huh?

Google on Friday unveiled its plan for its Chrome browser to secure HTTPS certificates against quantum computer attacks without breaking the Internet.

The objective is a tall order. The quantum-resistant cryptographic data needed to transparently publish TLS certificates is roughly 40 times bigger than the classical cryptographic material used today. A typical X.509 certificate chain used today comprises six elliptic curve signatures and two EC public keys, each of them only 64 bytes. This material can be cracked through the quantum-enabled Shor’s algorithm. The full chain is roughly 4 kilobytes. All this data must be transmitted when a browser connects to a site.

The bigger they come, the slower they move

“The bigger you make the certificate, the slower the handshake and the more people you leave behind,” said Bas Westerbaan, principal research engineer at Cloudflare, which is partnering with Google on the transition. “Our problem is we don’t want to leave people behind in this transition.” Speaking to Ars, he said that people will likely disable the new encryption if it slows their browsing. He added that the massive size increase can also degrade “middle boxes,” which sit between browsers and the final site.

Read full article

Comments

Audio Transcript

Google on Friday unveiled its plan for its Chrome browser to secure HTTPS certificates against quantum computer attacks without breaking the Internet.

The objective is a tall order. The quantum-resistant cryptographic data needed to transparently publish TLS certificates is roughly 40 times bigger than the classical cryptographic material used today. A typical X.509 certificate chain used today comprises six elliptic curve signatures and two EC public keys, each of them only 64 bytes. This material can be cracked through the quantum-enabled Shor’s algorithm. The full chain is roughly 4 kilobytes. All this data must be transmitted when a browser connects to a site.

The bigger they come, the slower they move

“The bigger you make the certificate, the slower the handshake and the more people you leave behind,” said Bas Westerbaan, principal research engineer at Cloudflare, which is partnering with Google on the transition. “Our problem is we don’t want to leave people behind in this transition.” Speaking to Ars, he said that people will likely disable the new encryption if it slows their browsing. He added that the massive size increase can also degrade “middle boxes,” which sit between browsers and the final site.

Read full article

Comments

View original article
0:00/0:00