Google Chrome users have been reporting having trouble connecting to websites, servers, and firewalls after Chrome 124 was released last week with quantum-resistant X25519Kyber768 encryption.
A search on X found that the issue was a widespread problem and that many users also had trouble enabling audio to play music and videos even after rebooting and reinstalling.
This recent news broke after the Google Security team reported late last week that after several months of experimentation for compatibility and performance impacts, it launched a hybrid postquantum TLS key exchange to desktop platforms in Chrome 124.
Google said the aim of the launch was to protect user traffic from so-called “store now, decrypt later” attacks, in which a future quantum computer could decrypt encrypted traffic recorded today. These “store now, decrypt later” attacks happen when attackers collect encrypted data and store it for future use when new decryption methods are potentially developed using quantum computers or encryption keys.
Systems often need to maintain compatibility with older hardware and software that may not support the latest versions of TLS or newer cryptographic algorithms, explained Jason Soroko, senior vice president of product at Sectigo. To ensure broader accessibility, Soroko said some systems might continue to support older, less secure versions of TLS.
“The larger key sizes associated with postquantum algorithms are simply not expected by some of these legacy systems, and that’s resulting in the broken TLS connections,” said Soroko. “This highlights one of the main difficulties we are going to have to secure systems in the postquantum world. We should not let this problem impede progress. Instead, we should let it educate us to see what proportion of systems are badly in need of an upgrade.”
Tom Siu, chief information security officer at Inversion6, added that browser-based upgrades are the tail end of the patch chain, and server-based upgrades should have been done earlier. Since Google has been testing this Chrome encryption enhancement since August, Siu said what we are seeing is the inevitable game of catch up for server admins and organizations that have older software dependencies.
“I'm not certain of the urgency of the risk of stored encrypted sessions for postquantum playback attacks, because it would require the attackers to have well-established indexing of large stored session traffic,” said Siu. “The topic of ‘time-based security’ applies, where the data sensitivity decreases as time passes. Therefore, any future playback attacks, and possible decryption would yield low yield of data returns months to years after the encrypted key sessions have been recorded.”
Lionel Litty, chief security architect at Menlo Security, added that the broken connections are not too concerning because rolling out changes in TLS often comes with similar breakages and these get worked out over time.
“Vendors and system administrators now need to do their part, by releasing fixes for their software and rolling these fixes out respectively,” said Litty. “While there's no need to panic, the sooner we broadly deploy postquantum algorithms the better.”
