Google, along with other browser developers, mandates that all TLS certificates be recorded in public transparency logs, which function as distributed and append-only ledgers. This allows website owners to monitor these logs in real time to ensure that unauthorized certificates haven’t been issued for their domains. These transparency measures were introduced following the 2011 hacking incident involving DigiNotar, a Dutch company that led to the creation of 500 fake certificates for Google and other sites, some of which were exploited to surveil internet users in Iran.

If it becomes actionable, Shor’s algorithm could potentially replicate classical encryption signatures and compromise traditional encryption public keys seen in certificate logs. This could enable an adversary to fabricate signed certificate timestamps that indicate to a browser or operating system that a certificate is registered, even if it isn’t.

To prevent such scenarios, Google is incorporating cryptographic elements from quantum-resistant algorithms, particularly ML-DSA. This enhancement would mean that forgeries could only occur if both classical and post-quantum encryption were compromised. This initiative is part of Google’s quantum-resistant root store, which is intended to complement the Chrome Root Store established by the company in 2022.

The Merkle Tree Certificates (MTCs) utilize Merkle Trees to provide assurances against quantum threats regarding the publication of a certificate, without requiring the lengthy keys and hashes commonly associated with such processes. Westerbaan mentioned that through various methods to reduce data sizes, the MTCs will maintain an approximate length of 4kB.

This new framework has already been integrated into Chrome. Currently, Cloudflare is registering around 1,000 TLS certificates to evaluate the effectiveness of the MTCs. At present, Cloudflare is responsible for generating the distributed ledger; however, the intention is for Certificate Authorities to eventually take over that responsibility. Recently, the Internet Engineering Task Force established a working group named PKI, Logs, And Tree Signatures, to collaborate with other key stakeholders in formulating a long-term solution.

“We regard the adoption of MTCs and a quantum-resistant root store as a vital step in fortifying the core of today’s ecosystem,” stated Google in a recent blog post. “By catering to the unique requirements of a fast-evolving internet, we can expedite the adoption of post-quantum resilience for all web users.”

This post has been updated to clarify the reported sizes of various components.