CECPQ2


In cryptography, Combined Elliptic-Curve and Post-Quantum 2 is a quantum secure modification to Transport Layer Security 1.3 developed by Google. It is intended to be used experimentally, to help evaluate the performance of post quantum key-exchange algorithms on actual users’ devices.

Details

Similarly to its predecessor CECPQ1, CECPQ2 aims to provide confidentiality against an attacker with a large scale quantum computer. It is essentially a plugin for the TLS key-agreement part. CECPQ2 combines two key exchange mechanisms: the classical X25519 and HRSS scheme. A slight modification of the algorithm, titled CECPQ2b, uses supersingular isogeny key exchange instead of HRSS.
CECPQ2 uses 32 bytes of shared secret material derived from the classical X25519 mechanism, and 32 bytes of shared secret material derived from the quantum-secure HRSS mechanism. The resulting bytes are concatenated and used as secret key. Concatenation is meant to assure that the protocol provides at least the same security level as widely used X25519, should HRSS be found insecure.
The algorithm was to be deployed on both the server side using Cloudflare’s infrastructure, and the client side using Google Chrome Canary. Since both parties need to support the algorithm for it to be chosen, this experiment is available only to Chrome Canary users accessing websites hosted by Cloudflare.
It was estimated that the experiment started mid-2019. It was considered a step in a general program at Cloudflare to transition to post-quantum safe cryptographic primitives.