PostQuantum.com. Link to the post: https://postquantum.com/security-pqc/googles-merkle-tree-mtc-https/

Summary

Google is moving away from putting post-quantum signatures into traditional X.509 for Chrome. Instead it proposes Merkle Tree Certificates, co-developed with Cloudflare and now in the IETF PLANTS working group. MTCs integrate Certificate Transparency into issuance and swap per-certificate signatures for compact hash-based inclusion proofs. A new Chrome Quantum-resistant Root Store would accept only MTCs.

The driver is signature bloat. A typical TLS handshake carries about 1,248 bytes of authentication today. Replacing those with ML-DSA-44 would jump to roughly 14,724 bytes, which can exceed the TCP initial congestion window and trigger extra round trips that Cloudflare observes cause 60% or more latency slowdowns. MTCs cut post-quantum authentication to as little as 736 bytes and could even make PQ HTTPS smaller than many current chains.

If successful, this architecture could set how billions of TLS connections authenticate in the post-quantum era. It also concentrates more power with browser vendors and leaves non-browser clients with a harder migration story. CISOs should track PLANTS, pilot compatibility across proxies, agents, and embedded clients, and prepare for operational and governance changes from a new root store and CT-integrated issuance.

Read more

See the original article at: https://postquantum.com/security-pqc/googles-merkle-tree-mtc-https/

Popular Tags: