Post-Quantum Cryptography at Google

Google, one of the front runners in the race for quantum computing, announced their first experiments with post-quantum cryptography. Why does it matter? If Google is starting to worry about post-quantum cryptography, maybe they had a breakthrough in large scale universal quantum computing?

See the original blog post here: https://security.googleblog.com/2016/07/experimenting-with-post-quantum.html

Google’s Post-quantum cryptography experiment

It’s time to explore options for quantum safe algorithms beyond theoretical implementations. Google has launched “CECPQ1” — a post-quantum key exchange algorithm on top of the standard ECC algorithm — live on Google Canary!

Research began with the “New Hope” algorithm developed by Alkim, Ducas, Pöppelmann, and Schwabe, building upon’s Microsoft’s work by Bos, Costello, Naehrig, and Stebila. Bos et al implemented the lattice-based “Ring-Learning-With-Errors”(R-LWE) into the TLS protocol. The thorough paper covers implementation and integration into TLS, as well as performance tests. The later “New Hope” paper focuses on optimizing and building upon the previous work, speeding up computation by 10x or more. All this demonstrates that post-quantum cryptography is practical at this time.

Google’s experiment focuses on a LWE-based key exchange (LWE being a less specialized problem than R-LWE) in their…