Google Announces New Program for Quantum-Resistant HTTPS
Google has announced a new initiative within its Chrome browser aimed at ensuring that HTTPS certificates are secure against the future threat posed by quantum computers. The company’s Secure Web and Networking Team stated, “To ensure scalability and efficiency of the ecosystem, Chrome has no immediate plan to add traditional X.509 certificates containing post-quantum cryptography to the Chrome Root Store.” Instead, Google is collaborating with other partners to develop an evolution of HTTPS certificates based on Merkle Tree Certificates (MTCs).
Merkle Tree Certificates: A New Approach
As Cloudflare explains, MTC is a proposal for the next generation of Public Key Infrastructure (PKI) used to secure the internet. This approach aims to reduce the number of public keys and signatures in the TLS handshake to the bare minimum required. Under this model, a Certification Authority (CA) signs a single ‘Tree Head’ representing potentially millions of certificates, and the ‘certificate’ sent to the browser is a lightweight proof of inclusion in that tree.
Benefits of Merkle Tree Certificates
MTCs facilitate the adoption of post-quantum algorithms without having to incur additional bandwidth associated with classical X.509 certificate chains, Google said. This approach decouples the security strength of the corresponding cryptographic algorithm from the size of the data transmitted to the user.
Google’s Plan for MTCs
The tech giant is already experimenting with MTCs using real internet traffic and plans to gradually expand the rollout in three distinct phases by the third quarter of 2027:
- Phase 1 (In progress): Google is conducting a feasibility study in collaboration with Cloudflare to evaluate the performance and security of TLS connections relying on MTCs.
- Phase 2 (Q1 2027): Google plans to invite Certificate Transparency (CT) Log operators with at least one ‘usable’ log in Chrome before February 1, 2026, to participate in the initial bootstrapping of public MTCs.
- Phase 3 (Q3 2027): Google will finalize the requirements for onboarding additional CAs into the new Chrome Quantum-resistant Root Store (CQRS) and corresponding Root Program that only supports MTCs.
Future of Post-Quantum Security
“We view the adoption of MTCs and a quantum-resistant root store as a critical opportunity to ensure the robustness of the foundation of today’s ecosystem,” Google said. By designing for the specific demands of a modern, agile internet, we can accelerate the adoption of post-quantum resilience for all web users.
元記事: https://thehackernews.com/2026/03/google-develops-merkle-tree.html