Google is preparing for the possibility that quantum computers may be built with the ability to decrypt any of today's internet communications, through a new experimental encryption key exchange algorithm in its Chrome desktop web browser.
Quantum computers have already been built by Google, Microsoft, Intel and IBM, but are small and experimental. Google software engineer Matt Braithwaite said it's not certain large machines will ever be built, but the possibility that they might come into existence and break today's encryption has to be taken into account.
"While it's still very early days for quantum computers, we're excited to begin preparing for them, and to help ensure our users' data will remain secure long into the future," Braithwaite said.
Braithwaite said "bleeding edge" or early adopter desktop versions of Google's Canary Chrome web browser will from today have a post-quantum key exchange algorithm experiment enabled.
This will be used by a small fraction of connections between Chrome Canary and Google's servers - on top of the existing elliptic-curve key exchange algorithm - to set up TLS 1.2 protected communications.
Braithwaite said this allowed Google to experiment with post-quantum encryption without affecting user security. If the post-quantum algorithm is breakable with today's computers, the elliptic-curve variant can still provide the best security available.
Users of Chrome Canary can tell if the feature is enabled by opening the security panel and looking for the CECPQ1 key exchange parameter used for TLS connections to Google domains.
For the experiment, Google picked the New Hope post-quantum algorithm [pdf] developed by Erdem Alkim, Léo Ducas, Thomas Pöppelmann and Peter Schwabe.
Google does not intend to make New Hope the defacto post-quantum algorithm standard, and will discontinue the experiment after two years in the hope that something better will have appeared.