CECPQ1

In cryptography, CECPQ1 (combined elliptic-curve and post-quantum 1) is a post-quantum cipher developed by Google to make web browsers secure via Transport Layer Security (TLS).^[1] It was succeeded by CECPQ2.

Details

CECPQ1 was designed to provide confidentiality even against an attacker who possesses a large quantum computer. It is a key-agreement algorithm plugged into TLS that combines X25519 and NewHope, a ring learning with errors primitive. Even if New Hope turns out to be breakable, the X25519 key-agreement will ensure that it provides at least the security of our existing connections.^[1]

It was available in Google Chrome 54 beta.^[2] In 2016, the experimental use in Chrome ended and it was planned to disable CECPQ1 in a later Chrome update.^[3]

In CECPQ1, 32 bytes of shared secret material are derived using X25519 key exchange, with a further 32 bytes being derived using the newhope lattice-based key exchange method (whence the quantum-resistance). The resulting bytes are concatenated and form a pre-master secret for deriving shared keys.

It was succeeded by CECPQ2.

References

^ ^a ^b "Chrome: Stop future computers from cracking current encryption". CNET.
^ "Chrome 54 Beta Brings Custom Elements V1: Create Custom HTML Tags - Phoronix". Phoronix.
^ "CECPQ1 results (28 Nov 2016)". Adam Langley, security officer at Google.

[cnet-1] "Chrome: Stop future computers from cracking current encryption". CNET.

[phoronix-2] "Chrome 54 Beta Brings Custom Elements V1: Create Custom HTML Tags - Phoronix". Phoronix.

[results-3] "CECPQ1 results (28 Nov 2016)". Adam Langley, security officer at Google.

[1]

[2]

[3]

Details

See also

References