Google Chrome Introduces Merkle Tree Certificates to Strengthen HTTPS Against Quantum Attacks

Google Chrome’s Secure Web and Networking Team has announced a major step toward building a quantum-safe internet.

The browser will adopt a new cryptographic mechanism called Merkle Tree Certificates (MTCs), a project grounded in the Internet Engineering Task Force’s (IETF) PLANTS (PKI, Logs, and Tree Signatures) working group.

This initiative aims to protect HTTPS traffic against the potential risks posed by quantum computing, which could one day break traditional encryption methods.

While post-quantum cryptographic (PQC) algorithms exist, they demand far larger key sizes that slow down connections and increase bandwidth usage, especially in current X.509 certificate chains used for TLS/HTTPS security.

Merkle Tree Certificates are a lightweight, scalable alternative to conventional digital certificates.

Instead of chaining multiple large cryptographic signatures, MTCs use a compact cryptographic proof system tied to a single “Tree Head” signed by a Certification Authority (CA).

This Tree Head can securely represent millions of certificates, dramatically improving efficiency.

According to Google, browsers like Chrome will only need to download a small proof of inclusion to confirm validity. This makes encryption fast while ensuring the same or better security levels.

• Performance: MTCs reduce handshake sizes, keeping HTTPS sessions lightweight even with post-quantum algorithms.
• Transparency: Each certificate is automatically included in a public tree, inheriting the advantages of today’s Certificate Transparency (CT) ecosystem without additional overhead.
• Scalability: CAs can securely handle millions of certificates while maintaining post-quantum security standards.

Chrome’s Deployment Phases

Google has outlined a three-phase rollout strategy to integrate MTCs into Chrome’s security architecture safely and gradually.

Phase 1 (Ongoing – 2026):
Chrome, in partnership with Cloudflare, is running live experiments to measure performance. During this stage, MTC-backed connections are supported by traditional X.509 certificates to ensure users remain protected.

Phase 2 (Q1 2027):
Once initial testing succeeds, Chrome will invite reliable CT log operators to establish public MTC infrastructures. Operators with strong uptime and existing CT expertise will be prioritized for this step.

Phase 3 (Q3 2027):
The initiative concludes with the launch of the Chrome Quantum-resistant Root Store (CQRS), a dedicated certificate trust store supporting only MTCs. Websites will be able to opt in to use CQRS certificates, ensuring quantum security while maintaining backward compatibility.

Google emphasizes that the MTC project also supports a larger modernization effort across TLS management.

This includes focusing on Automated Certificate Management Environment (ACME) workflows for resilience, efficient revocation status handling, and the move toward reproducible Domain Control Validation (DCV) to improve trust and oversight.

As the global community advances PQC standards, Chrome promises ongoing collaboration with existing certificate authorities and internet infrastructure providers to ensure a smooth and secure transition.

Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google.

The post Google Chrome Introduces Merkle Tree Certificates to Strengthen HTTPS Against Quantum Attacks appeared first on Cyber Security News.