Google quantum-proofs HTTPS by squeezing 2.5kB of data into 64-byte space
摘要
谷歌计划为Chrome浏览器引入抗量子计算机攻击的HTTPS证书,以应对未来量子计算对现有加密体系的威胁。当前使用的X.509证书约为64字节,而同等安全级别的抗量子证书尺寸约为2.5KB,增大约40倍。证书体积大幅增加可能导致握手速度变慢、影响中间设备性能,并可能因用户体验下降而遭用户禁用。谷歌正与Cloudflare等合作伙伴共同推进此项过渡,致力于在提
Google on Friday unveiled its plan for its Chrome browser to secure HTTPS certificates against quantum computer attacks without breaking the Internet.
The objective is a tall order. The quantum-resistant cryptographic data needed to transparently publish TLS certificates is roughly 40 times bigger than the classical cryptographic material used today. Today’s X.509 certificates are about 64 bytes in size, and comprise six elliptic curve signatures and two EC public keys. This material can be cracked through the quantum-enabled Shor’s algorithm. Certificates containing the equivalent quantum-resistant cryptographic material are roughly 2.5 kilobytes. All this data must be transmitted when a browser connects to a site.
The bigger they come, the slower they move
“The bigger you make the certificate, the slower the handshake and the more people you leave behind,” said Bas Westerbaan, principal research engineer at Cloudflare, which is partnering with Google on the transition. “Our problem is we don’t want to leave people behind in this transition.” Speaking to Ars, he said that people will likely disable the new encryption if it slows their browsing. He added that the massive size increase can also degrade “middle boxes,” which sit between browsers and the final site.
转载信息
评论 (0)
暂无评论,来留下第一条评论吧