HTTPS crypto’s days are numbered. Here’s how Google wants to save it | Ars Technica
Like many forms of encryption in use today, HTTPS protections are on the brink of a collapse that could bring down the world as we know it. Hanging in the balance are most encrypted communications sent over the last several decades. On Thursday, Google unveiled an experiment designed to head off, or at least lessen, the catastrophe.
In the coming months, Google servers will add a new, experimental cryptographic algorithm to the more established elliptic curve algorithm it has been using for the past few years to help encrypt HTTPS communications. The algorithm-which goes by the wonky name "Ring Learning With Errors"-is a method of exchanging cryptographic keys that's currently considered one of the great new hopes in the age of quantum computing. Like other forms of public key encryption, it allows two parties who have never met to encrypt their communications, making it ideal for Internet usage.
Virtually all forms of public key encryption in use today are secured by math problems that are so hard that they take millennia for normal computers to solve. In a world with quantum computers, the same problems take seconds to solve. No one knows precisely when this potential doomsday scenario will occur. Forecasts call for anywhere from 20 to 100 years. But one thing is certain: once working quantum computers are a reality, they will be able to decrypt virtually all of today's HTTPS communications. Even more unnerving, eavesdroppers who have stashed away decades' worth of encrypted Internet traffic would suddenly have a way to decrypt all of it.
Unlike today's Diffie-Hellman key-exchange method or the RSA and elliptic curve cryptography crypto systems commonly used to encrypt Internet communications, Ring Learning With Errors, or Ring-LWE for short, has no known weaknesses to quantum computing. So over the next year or so, Google plans to combine it with the current algorithms it uses to see how it performs in real-world environments.
"Our aims with this experiment are to highlight an area of research that Google believes to be important and to gain real-world experience with the larger data structures that post-quantum algorithms will likely require," Google software engineer Matt Braithwaite wrote in a blog post published Thursday...
HTTPS crypto’s days are numbered. Here’s how Google wants to save it | Ars Technica
In the coming months, Google servers will add a new, experimental cryptographic algorithm to the more established elliptic curve algorithm it has been using for the past few years to help encrypt HTTPS communications. The algorithm-which goes by the wonky name "Ring Learning With Errors"-is a method of exchanging cryptographic keys that's currently considered one of the great new hopes in the age of quantum computing. Like other forms of public key encryption, it allows two parties who have never met to encrypt their communications, making it ideal for Internet usage.
Virtually all forms of public key encryption in use today are secured by math problems that are so hard that they take millennia for normal computers to solve. In a world with quantum computers, the same problems take seconds to solve. No one knows precisely when this potential doomsday scenario will occur. Forecasts call for anywhere from 20 to 100 years. But one thing is certain: once working quantum computers are a reality, they will be able to decrypt virtually all of today's HTTPS communications. Even more unnerving, eavesdroppers who have stashed away decades' worth of encrypted Internet traffic would suddenly have a way to decrypt all of it.
Unlike today's Diffie-Hellman key-exchange method or the RSA and elliptic curve cryptography crypto systems commonly used to encrypt Internet communications, Ring Learning With Errors, or Ring-LWE for short, has no known weaknesses to quantum computing. So over the next year or so, Google plans to combine it with the current algorithms it uses to see how it performs in real-world environments.
"Our aims with this experiment are to highlight an area of research that Google believes to be important and to gain real-world experience with the larger data structures that post-quantum algorithms will likely require," Google software engineer Matt Braithwaite wrote in a blog post published Thursday...
HTTPS crypto’s days are numbered. Here’s how Google wants to save it | Ars Technica