X25519Kyber768: Post-Quantum Hybrid Algorithm Supported by Google Chrome
Chrome now introduces the X25519Kyber768 algorithm for TLS symmetric secrets, beginning in Chrome 116 and accessible via a flag in Chrome 115.
This hybrid mechanism combines the output of two cryptographic algorithms to create the session key used to encrypt the bulk of the TLS connection:
- X25519 — an elliptic curve algorithm widely used for key agreement in TLS today
- Kyber-768 — a quantum-resistant Key Encapsulation Method, approved by NIST
Enable Client Support of Kyber in Google Chrome
If your Google Chrome browser is running version 116 or later, you can enable Kyber support. Simply open your browser and enter the following in the address bar: chrome://flags/#enable-tls13-kyber.
You should be able to locate the setting named TLS 1.3 hybridized Kyber support. If your browser settings are on Default, switch them to Enabled.
Testing the new algorithm
To check if you have enabled Kyber support correctly, it can easily be done using the Cloudflare Research PQC Key Agreement checker tool. You will see if your browser has enabled Kyber support.
Also you can use Chrome’s Developer’s Tools by navigating to the Security tab. It will show the key exchange algorithm used for TLS key exchange.
With X25519Kyber768 enabled in your browser, try visiting different websites to see if your communication is quantum-secure.