{"id":44086,"date":"2026-03-03T05:25:30","date_gmt":"2026-03-02T21:25:30","guid":{"rendered":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/2026\/03\/03\/chrome-unveils-plan-for-quantum-safe-https-certificates-infosecurity-magazine\/"},"modified":"2026-03-03T05:25:30","modified_gmt":"2026-03-02T21:25:30","slug":"chrome-unveils-plan-for-quantum-safe-https-certificates-infosecurity-magazine","status":"publish","type":"post","link":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/2026\/03\/03\/chrome-unveils-plan-for-quantum-safe-https-certificates-infosecurity-magazine\/","title":{"rendered":"Chrome Unveils Plan For Quantum-Safe HTTPS Certificates – Infosecurity Magazine"},"content":{"rendered":"

Google's Chrome team has launched a new initiative to protect HTTPS connections from the future threat of quantum computers. The effort focuses on redesigning how digital certificates work so they can withstand quantum-powered attacks without slowing down the web.<\/p>\n

The move follows the formation of a new working group at the Internet Engineering Task Force (IETF) called PLANTS, short for PKI, Logs and Tree Signatures.<\/p>\n

The group is addressing technical hurdles linked to quantum-resistant cryptography, which typically increases the size of data exchanged during TLS connections. Larger certificates can create performance and bandwidth challenges, particularly for systems relying on Certificate Transparency logs.<\/p>\n

Why Chrome Is Moving Beyond Traditional Certificates<\/strong><\/h3>\n

Rather than adding larger post-quantum X.509 certificates to its existing root store, Chrome is collaborating with industry partners to develop Merkle Tree Certificates (MTCs). These certificates are being standardized within the PLANTS working group.<\/p>\n

MTCs replace the traditional chain of digital signatures with compact proof derived from a Merkle tree structure.<\/p>\n

Instead of signing each certificate individually, a Certification Authority signs a single "Tree Head" that can represent millions of certificates. Browsers then receive a lightweight proof confirming a site's inclusion in that tree.<\/p>\n

The approach is designed to reduce the amount of authentication data transmitted during a TLS handshake. It also embeds transparency directly into the certificate issuance process, removing the need for separate Certificate Transparency checks.<\/p>\n

Read more on quantum-resistant cryptography: Quantum Computers Are Coming for Your Crypto Keys, But Not Yet<\/a><\/em><\/p>\n

Three-Phase Rollout Underway<\/strong><\/h3>\n

Chrome has already begun testing MTCs on live internet traffic and outlined a three-stage deployment plan:<\/p>\n

    \n
  • \n

    Phase 1, currently underway, includes a feasibility study with Cloudflare, with every MTC-backed connection paired with a traditional X.509 certificate as a fail-safe<\/p>\n<\/li>\n

  • \n

    Phase 2, scheduled for the first quarter of 2027, will invite selected Certificate Transparency log operators to help bootstrap public MTC deployment<\/p>\n<\/li>\n

  • \n

    Phase 3, planned for the third quarter of 2027, will introduce the Chrome Quantum-resistant Root Store, a new trust framework dedicated solely to MTCs<\/p>\n<\/li>\n<\/ul>\n

    The new root programme will operate alongside Chrome's existing root store to ensure continuity and stability during the transition.<\/p>\n

    Beyond the technical framework, Chrome says it is using the transition to modernize certificate governance. Proposed updates include ACME-only workflows, streamlined revocation systems and enhanced oversight models designed for continuous, externally verifiable monitoring.<\/p>\n

    The team also confirmed it will continue supporting existing certificate authorities within the current Chrome Root Store, while building infrastructure for quantum-resistant HTTPS. Traditional X.509 certificates using quantum-safe algorithms may still be supported in private PKIs later this year.<\/p>\n

    "As we execute and refine our work on MTCs, we look forward to sharing a concrete policy framework for a quantum-resistant root store with the community, and are excited to learn and define clear pathways for organizations to operate as Chrome-trusted MTC CAs," the Chrome team concluded.<\/p>\n","protected":false},"excerpt":{"rendered":"

    Google's Chrome team has launched a new initiative […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-44086","post","type-post","status-publish","format-standard","hentry","category--infosecurity-magazine"],"_links":{"self":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/posts\/44086","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/comments?post=44086"}],"version-history":[{"count":0,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/posts\/44086\/revisions"}],"wp:attachment":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/media?parent=44086"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/categories?post=44086"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/tags?post=44086"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}