6.5 C
New York
Thursday, December 3, 2020

Google and Cloudflare are testing post-quantum cryptography

In the future, quantum computers could break the cryptography used today. Google and Cloudflare launch an experiment to test under real-world conditions with HTTPS how well algorithms that protect against quantum computers work.

Must Read

Astronomers catalog a million unknown galaxies and you can now take a virtual trip through them

Astronomers have cataloged a million previously unexplored galaxies using a radio telescope. The high-resolution images obtained were put together in...

The iOS, more vulnerable than ever: an iPhone could have been hacked over Wi-Fi

A cybersecurity expert finds an unprecedented vulnerability on iOS operating system devices. Until May 2020 the 'hackers' may have...

German workers’ union declares war on Tesla

In Germany, the largest metalworkers union, IG Metall, declared war on Tesla co-founder Elon Musk who is building his...
Kamal Saini
Kamal S. has been Journalist and Writer for Business, Hardware and Gadgets at Revyuh.com since 2018. He deals with B2b, Funding, Blockchain, Law, IT security, privacy, surveillance, digital self-defense and network policy. As part of his studies of political science, sociology and law, he researched the impact of technology on human coexistence. Email: kamal (at) revyuh (dot) com

Google and Cloudflare are working together to explore how post-quantum algorithms beat HTTPS connectivity in practice. Cloudflare’s servers and Google’s Chrome browser will use two algorithms that are considered promising candidates for future encryption standards.

As a post-quantum cryptography encryption and signature methods are referred to, in which it is assumed that they can not be attacked by quantum computers. So far, quantum computers that can crack encryption methods exist only in theory. But that could change in the future – and then all public-key methods used today, such as RSA or elliptic curve-based methods, would be uncertain.

CRURL: Google rebuilds Curl with its own backend

Connections slowed down for unclear reasons

Google was already experimenting with post-quantum methods. There were no major issues, however, Google developer Adam Langley reported that in some cases compounds were slowed unexpectedly strong. Cloudflare and Google hope to better understand and analyze such and other issues with the large-scale experiment that has just begun.

The algorithms HRSS-SXY and SIKE are to be used. The algorithm HRSS-SXY is a variant of the Ntru encryption system and belongs to the so-called grid-based encryption methods. SIKE, in turn, is based on supersingular isogenies over elliptic curves. The latter are considered particularly experimental, and only a few years ago this form of mathematical constructions was used for cryptographic methods.

Chromium Browser: Vivaldi blocks abusive advertising

Both methods have advantages and disadvantages. HRSS-SXY is comparatively fast, but the public keys and encrypted data are each more than one kilobyte in size. For comparison: The largest conventional encryption method with similar properties has been either RSA or Diffie-Hellman with 4096 bits – which corresponds to 512 bytes, which is almost half.

SIKE, on the other hand, uses a lot less data: 330 bytes for a public key and 346 bytes for the encrypted data. It is much slower for that. Encryption is 300 times slower than HRSS-SXY, and decryption is 100 times slower. However, there is hope that the gap will be smaller in the future due to improvements in the calculation algorithms.

Microsoft continues to polish the arrival of the 201H1 branch in Windows 10

Combination with elliptic curves

Both algorithms are not yet part of the official TLS standard, but TLS generally foresees that experimental additional algorithms can be used. The new algorithms should not be used alone, they are combined with the X25519 key exchange based on elliptic curves. The advantage: Even if the new algorithms prove to be insecure, there is still the security of the proven elliptic curves.

Specifically, the experiment should run in such a way that the cloudflare servers support both algorithms. Chrome will randomly offer one of the two algorithms for connections. In addition, Chrome will continue to offer classic algorithms, so that in any case a connection comes about. Generally, the new algorithms are only supported with TLS 1.3. Cloudflare will collect data about the connections and hopes to better analyze problems.

Raspberry Pi 4, everything we know so far and everything we expect

Not only Google and Cloudflare are preparing for the future of post-quantum cryptography. The US standardization agency Nist is currently conducting a competition to standardize post-quantum algorithms. SIKE and a slightly different version of HRSS are both part of the competition.

Via | Cloudfare Blog / Imperialviolet

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -

Latest News

Astronomers catalog a million unknown galaxies and you can now take a virtual trip through them

Astronomers have cataloged a million previously unexplored galaxies using a radio telescope. The high-resolution images obtained were put together in...

The iOS, more vulnerable than ever: an iPhone could have been hacked over Wi-Fi

A cybersecurity expert finds an unprecedented vulnerability on iOS operating system devices. Until May 2020 the 'hackers' may have accessed iPhones, iPads and iWatch...

German workers’ union declares war on Tesla

In Germany, the largest metalworkers union, IG Metall, declared war on Tesla co-founder Elon Musk who is building his first European plant in the...

A girl with a rare hair disease goes viral

A 10-year-old girl who was born with a rare genetic disease that makes it impossible for her to brush her hair has gone viral...

Scientists develop a drug that “rejuvenates” the brain

The effect of ISRIB has so far been tested only in mice, but its results "stunned" specialists. In just three days, the cognitive abilities of...
- Advertisement -

More Articles Like This

- Advertisement -