In cryptography, CECPQ1 (combined elliptic-curve and post-quantum 1) is a post-quantum cipher developed by Google to make web browsers secure via Transport Layer Security (TLS). It was succeeded by CECPQ2.
CECPQ1 was designed to provide confidentiality even against an attacker who possesses a large quantum computer. It is a key-agreement algorithm plugged into TLS that combines X25519 and NewHope, a ring learning with errors primitive. Even if New Hope turns out to be breakable, the X25519 key-agreement will ensure that it provides at least the security of our existing connections.
In CECPQ1, 32 bytes of shared secret material are derived using X25519 key exchange, with a further 32 bytes being derived using the newhope lattice-based key exchange method (whence the quantum-resistance). The resulting bytes are concatenated and form a pre-master secret for deriving shared keys.
It was succeeded by CECPQ2.
- Elliptic-curve Diffie–Hellman (ECDH) – an anonymous key agreement protocol
- "Chrome: Stop future computers from cracking current encryption". CNET.
- "Chrome 54 Beta Brings Custom Elements V1: Create Custom HTML Tags - Phoronix". Phoronix.
- "CECPQ1 results (28 Nov 2016)". Adam Langley, security officer at Google.