Quantum computing poses one of the most serious long-term threats to today’s internet security, with the potential to crack the cryptographic systems that protect global communications. For now, however, the technology remains far from capable of breaking modern encryption. Still, Google is moving early rather than waiting for that moment to arrive.
The company disclosed on Friday that Chrome is deploying a next-generation web certificate engineered with quantum resistance as a foundational feature.
To understand the importance, it helps to look at how web security functions today. When you access a website, your browser verifies a digital certificate to confirm the site’s identity. The security behind those certificates depends on mathematical challenges that traditional computers can’t realistically solve within a practical timeframe.
The arrival of quantum systems would fundamentally disrupt this model. Shor’s algorithm, a quantum factoring technique, has the theoretical capability to compromise the cryptographic schemes underpinning today’s digital certificates, stripping them of their security guarantees.
The obvious solution is to adopt quantum-resistant cryptography. The challenge, however, lies in its size. Today’s standard X.509 certificates, used by browsers worldwide, are typically about 64 bytes. Their quantum-safe counterparts would expand to roughly 2.5 kilobytes, a roughly 40-fold increase that carries real implications for performance and infrastructure.
During the TLS handshake, browsers fetch certificate data as part of establishing a secure session. Expanding certificate size significantly increases the payload transferred at connection time, potentially affecting latency. Should performance degrade in a visible way, user adoption of the added security layer could suffer.
To address this issue, Google is turning to a cryptographic technique known as a Merkle tree.
“MTCs replace the heavy, serialized chain of signatures found in traditional PKI with compact Merkle tree proofs,” Google wrote. “In this model, a certification authority (CA) signs a single ‘Tree Head’ representing potentially millions of certificates, and the ‘certificate’ sent to the browser is merely a lightweight proof of inclusion in that tree.”
Although it may appear technical, the core idea is simple. Instead of downloading a full certificate for each website, the browser receives a smaller proof. Certificate authorities can sign one large batch covering many sites, keeping the data transferred to the browser close to the original 64-byte size.
Chrome has begun live-testing the Merkle Tree Certificate system in partnership with Cloudflare, with roughly 1,000 certificates currently running through the framework. For now, each connection also carries a traditional certificate as a fallback, ensuring stability during the trial phase.
The wider rollout is expected to continue through 2027, when Google intends to introduce a dedicated quantum-resistant trust store operating alongside the current Chrome Root Store.
An added advantage of this model is that certificate transparency is built in. The new certificates must appear in a publicly verifiable log before they can be issued, reducing the chances of forged or unauthorized certificates going undetected.
Maybe you would like other interesting articles?