From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

In cryptography, CECPQ1 (combined elliptic-curve and post-quantum 1) is a post-quantum cipher developed by Google to make web browsers secure via Transport Layer Security (TLS).[1] It was succeeded by CECPQ2.


CECPQ1 was designed to provide confidentiality even against an attacker who possesses a large quantum computer. It is a key-agreement algorithm plugged into TLS that combines X25519 and NewHope, a ring learning with errors primitive. Even if New Hope turns out to be breakable, the X25519 key-agreement will ensure that it provides at least the security of our existing connections.[1]

It was available in Google Chrome 54 beta.[2] In 2016, the experimental use in Chrome ended and it was planned to disable CECPQ1 in a later Chrome update.[3]

In CECPQ1, 32 bytes of shared secret material are derived using X25519 key exchange, with a further 32 bytes being derived using the newhope lattice-based key exchange method (whence the quantum-resistance). The resulting bytes are concatenated and form a pre-master secret for deriving shared keys.

It was succeeded by CECPQ2.

See also[edit]


  1. ^ a b "Chrome: Stop future computers from cracking current encryption". CNET.
  2. ^ "Chrome 54 Beta Brings Custom Elements V1: Create Custom HTML Tags - Phoronix". Phoronix.
  3. ^ "CECPQ1 results (28 Nov 2016)". Adam Langley, security officer at Google.