Google recently announced a major plan to make HTTPS certificates resistant to attacks from future quantum computers. This move aims to keep the internet safe without causing major slowdowns or compatibility issues. The challenge is huge because quantum-proof cryptography requires much more data than current methods.

The Size Challenge of Quantum-Resistant Certificates

Today’s HTTPS certificates, like the popular X.509 chain, are relatively small. They usually include six elliptic curve signatures and two public keys, all totaling around 4 kilobytes. This data gets sent every time a user connects to a website. With quantum-resistant cryptography, the size jumps dramatically—up to 40 times larger. The new data needed to prevent quantum attacks can reach about 15 kilobytes for just a single certificate.

This increase in size could slow down website connections and create problems for devices and networks that handle a lot of traffic. Larger certificates mean longer handshake times, which can lead to slower browsing experiences. Some experts worry that this could cause many users to disable the new security features, defeating the purpose of the upgrade.

Balancing Security and Performance

Google is working with partners like Cloudflare to find solutions that keep security strong without harming performance. One of the main concerns is that bigger certificates may cause issues with middleboxes—devices between the browser and the website—that help manage internet traffic. These devices might struggle with larger data packets, leading to slower connections or failures.

Bas Westerbaan, a researcher at Cloudflare, explained that the goal is to protect everyone during the transition to quantum-safe encryption. He emphasized that if the new certificates slow down browsing too much, many users might turn them off. Google’s challenge is to develop cryptography that is both secure against quantum threats and practical for everyday use.

Overall, this effort shows how the tech industry is preparing for a future where quantum computers could break current encryption methods. While the technical hurdles are significant, the goal is to strengthen internet security without sacrificing speed or accessibility. It’s a delicate balance, but one that’s crucial for a safe digital future.

Inspired by

• https://arstechnica.com/security/2026/02/google-is-using-clever-math-to-quantum-proof-https-certificates/

Sources

• wikipedia.org
• wikipedia.org
• wikipedia.org
• cloudflare.com
• googleblog.com