Google has stopped quantum security in Chrome due to bugs in the middleware or middleware, as the company reports.
Google said Tuesday it temporarily disabled the quantum computer-resistant security feature in Chrome after receiving bug reports that faulty middleware was causing unexpected web connection failures for the few users who had the feature enabled.
The function is known as Combined Elliptic-Curve and Post-Quantum 2, or simply CECPQ2, and was developed to improve cryptography in TLS connections. So when quantum computers come out, possible maliciousι χρήστες να μην μπορούν να αποκρυπτογραφήσουν την κίνηση HTTPS και να έχουν access in secure communications.
The CECPQ2 first developed in 2016, together with its engineers Cloudflare, and was present in Chrome 91 released in May of this year. It was initially enabled for all domains starting with the letter “A” so that Google engineers could test the behavior of the new feature while they were still working on it.
The feature seems to have worked by adding a basic homogeneous key to the Chrome TLS trading component to further secure an encrypted HTTPS connection.
The error occurred because CECPQ2 generates larger TLS packets.
Google reported that some middleware devices could not handle these packages, resulting in unexpected connection failures.
With the release of Chrome 93 yesterday, Google announced that it was temporarily disabling CECPQ2 for all users to work with middleware vendors to resolve the issue.
Google has stated that CECPQ2 will remain disabled for Chrome 93 and 94 release cycles, and that it is not committed to re-enabling it in Chrome 95.
Users who still want to use CECPQ2 can reactivate it manually for all domains by teasing the following flag. Just change it to "Enabled".
chrome://flags/#post-quantum-cecpq2
According to a document [PDF] published last month, the US National Security Agency (NSA) says it knows of no quantum computers capable of breaking current algorithms encryptions.
