{"id":130,"date":"2026-03-02T19:27:05","date_gmt":"2026-03-02T19:27:05","guid":{"rendered":"https:\/\/thedigitalfortress.us\/?p=130"},"modified":"2026-03-02T19:27:05","modified_gmt":"2026-03-02T19:27:05","slug":"google-develops-merkle-tree-certificates-to-enable-quantum-resistant-https-in-chrome","status":"publish","type":"post","link":"https:\/\/thedigitalfortress.us\/?p=130","title":{"rendered":"Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome"},"content":{"rendered":"
\n

\ue804<\/i>Ravie Lakshmanan<\/span>\ue802<\/i>Mar 02, 2026<\/span><\/span>Cryptography \/ Browser Security<\/span><\/p>\n<\/div>\n

\n
<\/a><\/div>\n

Google has announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against the future risk posed by quantum computers.<\/p>\n

\u00abTo ensure the scalability and efficiency of the ecosystem, Chrome has no immediate plan to add traditional X.509 certificates<\/a> containing post-quantum cryptography to the Chrome Root Store<\/a>,\u00bb the Chrome Secure Web and Networking Team said<\/a>.<\/p>\n

\u00abInstead, Chrome, in collaboration with other partners, is developing an evolution<\/a> of HTTPS certificates based on Merkle Tree Certificates<\/a> (MTCs), currently in development in the PLANTS working group.\u00bb<\/p>\n

As Cloudflare explains, MTC is a proposal<\/a> for the next generation of the Public Key Infrastructure (PKI) used to secure the internet that aims to reduce the number of public keys and signatures in the TLS handshake to the bare minimum required.<\/p>\n

\n
\"Cybersecurity\"<\/a><\/div>\n<\/div>\n

Under this model, a Certification Authority (CA) signs a single ‘Tree Head’ representing potentially millions of certificates, and the ‘certificate’ sent to the browser is a lightweight proof of inclusion in that tree, Google said.<\/p>\n

In other words, MTCs facilitate the adoption of post-quantum algorithms without having to incur additional bandwidth associated with classical X.509 certificate chains. The approach, the company added, decouples the security strength of the corresponding cryptographic algorithm from the size of the data transmitted to the user.<\/p>\n

\u00abBy shrinking the authentication data in a TLS handshake to the absolute minimum, MTCs aim to keep the post-quantum web as fast and seamless as today’s internet, maintaining high performance even as we adopt stronger security,\u00bb Google said.<\/p>\n

The tech giant said it’s already experimenting with MTCs with real internet traffic and that it plans to gradually expand the rollout in three distinct phases by the third quarter of 2027 –<\/p>\n