back to top

Google Introduces ML-KEM: An Encryption Against the Quantum Attacks

Protection from both Quantum and Classic attacks...

Reviewed By: reviewer avatar Amit Malewar
reviewer avatar Amit Malewar
Amit Malewar is a science communicator, entrepreneur, and blogger. He is the Founder and CEO of Tech Explorist and Inceptive Mind, platforms dedicated to sharing scientific research, innovations, and sustainable living. Amit is passionate about making science accessible and inspiring others with the latest advancements in technology and innovation. He enjoys playing games and playing on the PlayStation in his spare time.

Quantum Computers, when built on a sufficient level, can break the existing cryptographic algorithms in use. While TLS’s symmetric encryption algorithms protect the data in transit and are considered safe against quantum attacks, the way it creates symmetric keys is still vulnerable. Therefore, harnessing the technology that protects the data in transit from quantum attacks is very crucial now.

Back in August 2023, Google announced the preparation of Chrome for the migration to quantum-resistant cryptography. In those efforts, Google was testing and deploying new quantum-resistant algorithms like X25519 or Kyber (X25519Kyber768).

The post-quantum algorithm, X25519Kyber768, adds over a kilobyte of extra data to the TLS ClientHello message. Post-quantum algorithms are vital in resisting attacks from quantum computers.

At that time, the use of Kyber was experimental, as the NIST standardization process for Kyber was not yet finalized. Now Google has announced that minor technical changes have been made to Kyber and renamed to the Module Lattice Key Encapsulation Mechanism (ML-KEM), which will be rolling out to 100% of Chrome Desktop clients. Meaning, that the Kyber experiment is over and ML-KEM is in use. Google has implemented ML-KEM in Google’s cryptography library, BoringSSL. Now, any service that depends on BoringSSL will benefit from ML-KEM which protects from both quantum and classic attacks.

Google’s New Quantum Encryption Algorithm, ML-KEM, makes its way to Chrome 131

As Chrome will not support Kyber and ML-KEM at the same time and Kyber was always an experimental quantum encryption algorithm, Google retires Kyber as it risks ossification, a process where non-standard algorithms become entrenched, on non-standard algorithms. Moreover, Google says, “Post-quantum cryptography is too big to be able to offer two post-quantum key share predictions at the same time”.

As Google intends to not regress any clients’ post-quantum security, Chrome 131 will switch from Kyber to ML-KEM, which can be enabled by flag – PostQuantumKeyAgreementEnabled. The flag will be available in stable Chrome 131, which is expected to go live on November 6. Before enabling the flag, it is important to note that enterprise policy will apply to both Kyber and ML-KEM.

chrome flags that use ml-kem
These flags use ML KEM

As of now, Chrome Canary version 131.0.6727.0 has two flags that use the ML-KEM standard as the post-quantum key agreement in TLS 1.3; #use-ml-kem and #enable-tls13-kyber.

Read More

Trending Now