Google Chrome's new post-quantum cryptography is causing some issues

News
By
published

Chrome 124 not working? Try this

chrome firefox extensions
Image credit: Shutterstock (Image credit: Shutterstock)

Some Google Chrome users are reporting problems connecting to websites, servers and firewalls following the release of Chrome 124 earlier this month, according to Bleeping Computer.

Released in April 2024, the latest version of the browser introduced the new quantum-resistant X25519Kyber768 encapsulation mechanism, which was enabled by default.

Testing of the post-quantum secure TLS key encapsulation mechanism started in August 2023, but since its public launch, has already caused a headache for the browser’s users.

Quantum-resistant cryptography is breaking Chrome for some users

An email sent on behalf of Chrome’s security workers explains the necessity behind implementing quantum-resistant tools now, despite the current threat being minimal:

“This protects users’ traffic from so-called “store now decrypt later” attacks, in which a future quantum computer could decrypt encrypted traffic recorded today.”

A separate blog post confirms the nature of the advanced tool: “This is a hybrid X25519 and Kyber768 key agreement based on an IETF standard.”

Despite months of testing, the problem seems to have risen from web servers failing to adequately implement TLS, rather than an issue with Chrome. The error results in the rejection of connections that use the Kyber768 quantum-resistant key agreement algorithm, including connections with Chrome’s hybrid key.

Clearly, this is not a simple fix that can be implemented by Chrome, but it requires a larger and more orchestrated effort to transform the Internet into one that can handle sophisticated quantum-safe cryptography.

For now, affected users are being advised to disable the TLS 1.3 hybridized Kyber support in Chrome. However, long-term post-quantum secure ciphers will be essential in TLS, and the ability to disable the feature will likely be removed in the future, highlighting the importance of addressing the issue’s route cause earlier on so that websites can be prepared for quantum-based attacks in the future.

More from TechRadar Pro

Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!