The latest update Google Chrome 124 has resulted in technical difficulties for users due to the introduction of a new encryption mechanism called X25519KYBER768, designed to be resistant to quantum attacks.
Google initiated testing of X25519KYBER768 in August and has now integrated it into the most recent version of Chrome for all users. This new version implements a quantum-resistant algorithm for coordinating Kyber768 keys to secure TLS 1.3 and QUIC connections, safeguarding Chrome TLS traffic from quantum cryptanalysis.
The encryption algorithm was intended to defend against attacks known as “Store Now Decrypt Later,” where encrypted data is collected by an attacker to be decoded in the future using quantum technologies. To combat such threats, Apple, Signal, and Google have started implementing quantum-resistant encryption algorithms.
However, the introduction of this new technology has led to issues with connecting to websites, servers, and firewalls, particularly following the initial stage of TLS negotiation known as Clienthello. System administrators have reported that certain web applications and security devices are unable to properly handle the increased data volume in the Clienthello message, resulting in connection failures.
This problem is not limited to Chrome alone, affecting Microsoft Edge 124 as well as various network devices from Fortinet, Sonicwall, Palo Alto Networks, and AWS.