Network Security

Google offers ‘New Hope’ for cryptanalysis resistant public-key crypto


Google has taken to its online security blog to announce it has started to experiment with cryptanalysis resistant public-key cryptography.

The company said, “Today we're announcing an experiment in Chrome where a small fraction of connections between desktop Chrome and Google's servers will use a post-quantum key-exchange algorithm in addition to the elliptic-curve key-exchange algorithm that would typically be used.”

The firm recognises that currently most quantum computers only contain a minor amount of qubits, and perform very different tasks than a normal computer.

However it is predicting that in, “a hypothetical, future quantum computer would be able to retrospectively decrypt any internet communication that was recorded today, and many types of information need to remain confidential for decades.”

Google said it plans to use the ‘New Hope' algorithm, as the scheme developed by  Erdem Alkim, Léo Ducas, Thomas Pöppelmann and Peter Schwabe looked to be the most promising post-quantum key-exchange.

Chrome Canary, Google's developer beta-build of Chrome is where the experiment is currently enabled. Open the recently introduced Security Panel and look for “CECPQ1” to see if it's working on links to Google such as Not all Google domains will have it enabled and the experiment may appear and disappear a few times if any issues are found.

Recognising it is very early days, crypto-commentator Bruce Schneier blogged about the announcement and said, “Secure public-key algorithms are very hard to create, and this one has not had nearly enough analysis to be trusted. Lattice-based public-key cryptosystems such as New Hope are particularly subtle - and we cryptographers are still learning a lot about how they can be broken.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.