Google experimenting on protecting Chrome from quantum hacks
Sundar Pichai, senior vice president of Google Chrome, speaks during Google I/O Conference at Moscone Center in San Francisco, California June 28, 2012. Reuters/Stephen Lam

Google is experimenting with post-quantum cryptography in Chrome that is designed to make the internet browser secure, even from attacks coming from quantum computers.

The company’s Software Engineer Matt Braithwaite said in a blog post that Google will be using a post-quantum key-exchange algorithm in a small fraction of connections between Chrome and Google servers.

He said that the experiment won’t be affecting the security of users as the cryptography will be added on top of the existing one.

Braithwaite said that the aim of their experiment is to highlight an area of research that Google believes to be important.

He said that the experiment also allows them “to gain real-world experience with the larger data structures that post-quantum algorithms will likely require.”

He stressed, though, that the selected post-quantum algorithm will not be a de-facto standard.

“To this end we plan to discontinue this experiment within two years, hopefully by replacing it with something better,” Braithwaite said.

CNET reports that quantum computers are still in their experimental stages and it’s not guaranteed that a large quantum computer that is capable of attacking Chrome will ever be built.

Quantum computers use advance aspects of physics to solve problems exponentially faster than regular computers. What this means is that the modern encryptions, like HTTPS, wouldn’t be able to stand up against quantum attacks.

Braithwaite said that the issue is that even a hypothetical quantum computer could still “decrypt any internet communication that was recorded today…”

Google’s experiment is currently enabled on Chrome Canary and users can open the recently introduced Security Panel to tell if it’s being used.

Users will just need to look for “CECPQ1” to see confirm its usage.

Not all Google domains, though, will have the experiment enabled and any issue found may cause it to disappear and appear a few times.