Some Google Chrome users are reporting problems connecting to websites, servers and firewalls following the release of Chrome 124 earlier this month, according to Bleeping Computer.
The latest version of the browser introduced the new quantum-resistant X25519Kyber768 encapsulation mechanism, which was enabled by default.
Testing of the post-quantum secure TLS key encapsulation mechanism started last August, but since its public launch, it has already caused a headache for the browser’s users.
Quantum-resistant cryptography is breaking Chrome for some users
An email sent on behalf of Chrome’s security workers explains the necessity behind implementing quantum-resistant tools now, despite the current threat being minimal:
“This protects users’ traffic from so-called “store now decrypt later” attacks, in which a future quantum computer could decrypt encrypted traffic recorded today.”
A separate blog post confirms the nature of the advanced tool: “This is a hybrid X25519 and Kyber768 key agreement based on an IETF standard.”
Despite months of testing, the problem seems to have risen from web servers failing to adequately implement TLS, rather than an issue with Chrome. The error results in the rejection of connections that use the Kyber768 quantum-resistant key agreement algorithm, including connections with Chrome’s hybrid key.
Clearly, this is not a simple fix that can be implemented by Chrome, but it requires a larger and more orchestrated effort to transform the Internet into one that can handle sophisticated quantum-safe cryptography.
For now, affected users are being advised to disable the TLS 1.3 hybridized Kyber support in Chrome. However, long-term post-quantum secure ciphers will be essential in TLS, and the ability to disable the feature will likely be removed in the future, highlighting the importance of addressing the issue’s route cause earlier on so that websites can be prepared for quantum-based attacks in the future.
+ There are no comments
Add yours