Google's Chrome team has introduced a new initiative aimed at safeguarding HTTPS connections from potential future threats posed by quantum computers. This effort is centered on reinventing the way digital certificates function to ensure they can resist quantum-driven attacks without compromising web performance.
This initiative comes in the wake of the establishment of a new working group at the Internet Engineering Task Force (IETF) called PLANTS, which stands for PKI, Logs and Tree Signatures.
The PLANTS group is tackling the technical challenges associated with quantum-resistant cryptography, which often results in larger data sizes during TLS connections. These larger certificates can lead to performance and bandwidth issues, especially for systems that depend on Certificate Transparency logs.
Shifting Beyond Traditional Certificates
Instead of merely integrating larger post-quantum X.509 certificates into its current root store, Chrome is partnering with industry players to create Merkle Tree Certificates (MTCs). These new certificates are being standardized within the PLANTS working group.
MTCs replace the conventional chain of digital signatures with a compact proof derived from a Merkle tree structure.
In this innovative approach, a Certification Authority signs a single "Tree Head" that can represent millions of certificates, rather than signing each certificate individually. Browsers then receive a lightweight proof that confirms a site's inclusion in the tree.
This method is designed to minimize the amount of authentication data transmitted during a TLS handshake and integrates transparency into the certificate issuance process, eliminating the need for separate Certificate Transparency checks.
Three-Phase Rollout Underway
Chrome has already initiated testing of MTCs on live internet traffic and has outlined a three-phase deployment plan:
- Phase 1 is currently in progress, featuring a feasibility study with Cloudflare. Each MTC-backed connection will be paired with a traditional X.509 certificate as a safety measure.
- Phase 2 is scheduled for the first quarter of 2027, which will involve selected Certificate Transparency log operators to help facilitate the public deployment of MTCs.
- Phase 3, anticipated in the third quarter of 2027, will introduce the Chrome Quantum-resistant Root Store, a dedicated trust framework exclusively for MTCs.
This new root program will operate alongside Chrome's existing root store to ensure a smooth transition and maintain stability.
Beyond the technical aspects, Chrome aims to use this transition as an opportunity to modernize certificate governance. Proposed enhancements include workflows based solely on ACME, streamlined revocation systems, and improved oversight models designed for continuous, externally verifiable monitoring.
The Chrome team also confirmed that it will continue to support existing certificate authorities within the current Chrome Root Store while developing infrastructure for quantum-resistant HTTPS. Traditional X.509 certificates utilizing quantum-safe algorithms may still be supported in private PKIs later this year.
"As we implement and refine our work on MTCs, we look forward to sharing a concrete policy framework for a quantum-resistant root store with the community, and are eager to establish clear pathways for organizations to function as Chrome-trusted MTC CAs," concluded the Chrome team.