Google Chrome Shifts to ML-KEM for Post-Quantum Cryptography Defense
Google has declared its intention to move from KYBER to ML-KEM in the Chrome web browser as part of its continuing effort to safeguard against the threat posed by cryptographically relevant quantum computers (CRQCs).
“Incorporating ML-KEM (codepoint 0x11EC) into Chrome will feature a key share prediction for the hybrid model,” as stated by David Adrian, David Benjamin, Bob Beck, and Devon O’Brien from the Chrome Team in a recent announcement. “Both Kyber and ML-KEM will be covered by the PostQuantumKeyAgreementEnabled flag and Chrome’s enterprise policy.”
The change is expected to ship in Chrome version 131, scheduled for release in early November 2024. Google highlighted that the two hybrid post-quantum key exchange techniques are fundamentally incompatible, which is why KYBER is being retired rather than kept alongside ML-KEM.
“Due to modifications in the final iteration of ML-KEM, it can no longer maintain compatibility with the existing version of Kyber,” articulated the company. “Consequently, the TLS codepoint for hybrid post-quantum key exchange will transition from 0x6399 (Kyber768+X25519) to 0x11EC (ML-KEM768+X25519).”
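As an added example, not code from the article or from Chrome, the following Python script builds a constructed TLS ClientHello and parses its supported_groups extension so a defender can check whether a client still advertises the retired Kyber hybrid codepoint (0x6399) or the final ML-KEM hybrid (0x11EC). The codepoint labels are the ones the article gives; the other group names are standard TLS names, and the builder is a minimal stand-in for a real browser hello.

```python
# Added example: detect which hybrid post-quantum key exchange codepoints a TLS
# ClientHello advertises. The sample ClientHello is constructed here, not captured.
import struct

# Labels for the two hybrid codepoints named in the article, plus common classical groups.
GROUP_NAMES = {
    0x001D: "x25519",
    0x0017: "secp256r1",
    0x6399: "Kyber768+X25519 (retired draft)",
    0x11EC: "ML-KEM768+X25519",
}

def build_client_hello(groups):
    """Constructed minimal TLS ClientHello record advertising the given supported_groups."""
    body = struct.pack(">H", 0x0303) + b"\x00" * 32          # legacy_version + random
    body += b"\x00"                                          # empty session_id
    body += struct.pack(">H", 2) + b"\x13\x01"               # one cipher suite
    body += b"\x01\x00"                                      # compression: null only
    groups_bytes = b"".join(struct.pack(">H", g) for g in groups)
    ext = struct.pack(">HHH", 0x000A, len(groups_bytes) + 2, len(groups_bytes)) + groups_bytes
    body += struct.pack(">H", len(ext)) + ext                # extensions block
    hs = b"\x01" + len(body).to_bytes(3, "big") + body      # handshake type: client_hello
    return b"\x16\x03\x01" + struct.pack(">H", len(hs)) + hs # TLS record header

def parse_supported_groups(record):
    """Return the codepoints listed in the ClientHello's supported_groups extension."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello handshake record")
    pos = 9 + 2 + 32                                    # record+handshake headers, version, random
    pos += 1 + record[pos]                              # session_id
    (cs_len,) = struct.unpack_from(">H", record, pos); pos += 2 + cs_len
    pos += 1 + record[pos]                              # compression methods
    (ext_len,) = struct.unpack_from(">H", record, pos); pos += 2
    end = pos + ext_len
    while pos < end:
        etype, elen = struct.unpack_from(">HH", record, pos); pos += 4
        if etype == 0x000A:                             # supported_groups
            (glen,) = struct.unpack_from(">H", record, pos)
            return [struct.unpack_from(">H", record, pos + 2 + i)[0] for i in range(0, glen, 2)]
        pos += elen
    return []

def classify_pq_support(record):
    """Name the advertised groups and flag the hybrid PQ status of the client."""
    groups = parse_supported_groups(record)
    names = [GROUP_NAMES.get(g, f"0x{g:04x}") for g in groups]
    status = ("ml-kem" if 0x11EC in groups else
              "kyber-draft-only" if 0x6399 in groups else "no-pq")
    return names, status

if __name__ == "__main__":
    print(classify_pq_support(build_client_hello([0x11EC, 0x001D, 0x0017])))
```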
This development follows the recent release by the U.S. National Institute of Standards and Technology (NIST) of the final versions of the three new encryption algorithms, aimed at fortifying current systems against potential threats from quantum technologies. This release marks the conclusion of an eight-year initiative by the agency.
The algorithms in question, known as FIPS 203 (also referred to as ML-KEM), FIPS 204 (or CRYSTALS-Dilithium, ML-DSA), and FIPS 205 (or Sphincs+, SLH-DSA), are designed for general encryption and for securing digital signatures. A fourth algorithm, FN-DSA (initially labeled FALCON), is expected to be finalized later this year.
Termed Module-Lattice-based Key-Encapsulation Mechanism, ML-KEM is an evolution of the round-three version of the CRYSTALS-KYBER KEM, designed to facilitate the creation of a shared secret key between two entities communicating through a public channel.
Microsoft is also preparing for a post-quantum era by updating its SymCrypt cryptographic library to support ML-KEM and the eXtended Merkle Signature Scheme, or XMSS.
“Integrating post-quantum algorithm support into the core crypto engine represents the initial step towards achieving quantum-resistant security,” mentioned the tech giant, emphasizing that the transition to post-quantum cryptography (PQC) necessitates meticulous planning due to its intricate and extended nature.
Furthermore, the revelation came in the wake of the discovery of a cryptographic vulnerability in the Infineon SLE78, Optiga Trust M, and Optiga TPM security microcontrollers that could enable the extraction of private keys for the Elliptic Curve Digital Signature Algorithm (ECDSA) from YubiKey hardware authentication devices.
It’s suspected that this cryptographic flaw in the Infineon-supplied library went undetected for approximately 14 years, despite undergoing around 80 of the most stringent Common Criteria certification evaluations.
The side-channel attack, known as EUCLEAK (CVE-2024-45678, CVSS score: 4.9) and identified by NinjaLab’s Thomas Roche, impacts all Infineon security microcontrollers embedding the cryptographic library as well as the following YubiKey devices:
- YubiKey 5 Series versions prior to 5.7
- YubiKey 5 FIPS Series prior to 5.7
- YubiKey 5 CSPN Series prior to 5.7
- YubiKey Bio Series versions prior to 5.7.2
- Security Key Series all versions prior to 5.7
- YubiHSM 2 versions prior to 2.4.0
- YubiHSM 2 FIPS versions prior to 2.4.0
“For a successful attack, the adversary must physically possess the YubiKey, Security Key, or YubiHSM, have knowledge of the targeted accounts, and utilize specialized equipment for carrying out the attack,” Yubico, the company behind YubiKey, disclosed in a coordinated advisory.

“Depending on the specific scenario, the attacker may need additional information such as username, PIN, account password, or [YubiHSM] authentication key.”
Due to the deliberate design choice of not allowing updates to existing YubiKey devices with vulnerable firmware versions – a measure taken to enhance security and prevent the introduction of new vulnerabilities – these devices remain perpetually exposed to EUCLEAK.
The company has announced its intention to phase out support for Infineon’s cryptographic library in favor of its own cryptographic library within firmware versions YubiKey 5.7 and YubiHSM 2.4.
An analogous side-channel attack against Google Titan security keys was showcased by Roche and Victor Lomne in 2021, demonstrating the potential to clone the devices through the exploitation of an electromagnetic side-channel in the embedded chip.
“To pull off the [EUCLEAK] attack, physical access to the secure element is required (a few localized electromagnetic side-channel acquisitions, specifically a few minutes, are adequate) to extract the ECDSA secret key,” detailed Roche in a communication. “This allows for the creation of a duplicate FIDO device under the FIDO protocol.”