Google Chrome version 116 will introduce support for quantum-resistant encryption algorithms. The algorithms include a hybrid key encapsulation mechanism, to enhance the security of symmetric encryption secrets exchanged over secure TLS network connections.
The upcoming Chrome version will support X25519Kyber768 for generating symmetric secrets in TLS. This hybrid mechanism combines the output of two cryptographic algorithms:
- X25519: An elliptic curve algorithm widely used for key negotiation in TLS.
- Kyber-768: A quantum-resistant key encapsulation method.
The Key Encapsulation Mechanism (KEM) enables two parties to establish a shared secret key through a public channel. Google has implemented this algorithm on its servers, using both TCP and QUIC protocols, to identify any potential compatibility issues.
The hybrid KEM schema adds additional data of over a kilobyte to the TLS ClientHello message. Administrators have the option to disable X25519Kyber768 in Chrome by utilizing the PostQuantumKeyAgreementEnabled corporate policy. However, this feature will be offered as a temporary solution.
The official announcement is here.
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options: