Google has announced plans to protect HTTPS certificates in the Chrome browser from threats posed by future quantum computers. The main challenge is to implement quantum-resistant cryptography without slowing down internet performance. The problem lies in the fact that the required data is approximately 40 times larger than what is used today: a classical X.509 certificate chain occupies about 4 KB, while its quantum-resistant counterpart could reach 15 KB. Google and its partner Cloudflare have found a way to pack these 15 KB into just 700 bytes.

The threat of quantum computers to modern cryptography is considered one of the key cybersecurity challenges of the future. Shor's algorithm, running on a sufficiently powerful quantum computer, could break the widely used elliptic curve cryptography. Each such key or signature occupies only 64 bytes but is vulnerable to quantum attack. Transitioning to resistant algorithms is inevitable, but their large size creates practical difficulties for website loading speeds and network equipment performance.

The technical solution involves applying the Merkle tree data structure. In this model, the Certificate Authority (CA) signs not each certificate individually, but a single 'tree root' representing millions of certificates. The browser receives not the entire heavy chain of signatures, but a compact 'inclusion proof' within this tree. This proof verifies that a specific certificate is part of a large signed set and occupies only hundreds of bytes instead of kilobytes.

As noted by Bas Westerbaan, lead researcher at Cloudflare, Google's partner in this project, the main goal is not to leave users behind due to slowdowns. 'The larger you make the certificate, the slower the handshake and the more people you lose,' he explained. He also pointed to the risk of degraded performance of 'middle boxes'—network equipment between the browser and the site that may not handle the sharply increased data volume.

For the web security industry, this step marks the beginning of a practical, rather than theoretical, transition to post-quantum infrastructure. Implementing Merkle trees for certificates could become a standard that allows scaling protection without overloading the network. For ordinary users, this should remain unnoticeable: security will improve while website loading speeds remain unaffected, which is critically important for mass adoption of the new technology.

The project's prospects are tied to its integration into Chrome and subsequent adoption by other browsers and certificate authorities. The final standardization of the approach and ensuring compatibility with the full spectrum of internet infrastructure remain open questions. The success of this transition will determine how smoothly and securely the global network will navigate the advent of the quantum computing era.