this post was submitted on 28 Feb 2026
31 points (86.0% liked)

[–] Deestan@lemmy.world 24 points 22 hours ago (1 children)

I hope there's more to it than presented here, because this can be summarized as "64 bytes is too weak, so we make it bigger. Solved. The big is too big so we reduce it to 64 bytes. Solved."

The strong certificate is not part of the end check, but proven via Merkle tree reference. At the end of the day the end user check is only verifying 64 bytes of proof.

So it is kinda pointless? Can I attack the Merkle tree reference to claim the strong certificate is used when it is not?

What am I missing?

The server still has to send its own key, so that part is bigger. They're making up the space by replacing traditional CA signatures and intermediate certificates with Merkle tree hash-based signatures.

Raw number of bytes can't be directly compared between cryptography schemes; cryptographic hashes make very efficient use of space and don't have the same quantum weaknesses that old public key cryptography has. The quantum-unsafe RSA signatures being replaced are about 256 bytes, the new ML-DSA signatures are about 2400 bytes, and SHA-256 Merkle tree references are 32 bytes for the same level of security and quantum-proofness.
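
An added illustration of the Merkle tree references discussed in the comments above, not part of the thread and not code from any real certificate scheme: a minimal SHA-256 inclusion-proof check showing that a short proof still binds the full-size certificate. The tree layout, the 0x00/0x01 hash prefixes, the power-of-two leaf count and the sample certificates are all assumptions constructed for the example.

```python
import hashlib

def leaf_hash(data: bytes) -> bytes:
    # 0x00 / 0x01 prefixes keep leaves and interior nodes in separate hash domains
    return hashlib.sha256(b"\x00" + data).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(leaves):
    """All tree levels, leaf hashes first, root last (leaf count must be a power of two)."""
    if not leaves or len(leaves) & (len(leaves) - 1):
        raise ValueError("this sketch only handles power-of-two leaf counts")
    levels = [[leaf_hash(x) for x in leaves]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([node_hash(prev[i], prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels

def inclusion_proof(levels, index):
    """Sibling hashes on the path from leaf `index` up to (not including) the root."""
    proof = []
    for level in levels[:-1]:
        proof.append(level[index ^ 1])
        index //= 2
    return proof

def verify(root, leaf_data, index, proof):
    """Recompute the root from the full leaf data and the sibling path."""
    h = leaf_hash(leaf_data)
    for sibling in proof:
        h = node_hash(sibling, h) if index & 1 else node_hash(h, sibling)
        index //= 2
    return index == 0 and h == root

# Constructed sample data: 1024 stand-in certificates, each with a 2400-byte dummy payload
CERTS = [b"host-%d.example|" % i + bytes([i % 256]) * 2400 for i in range(1024)]
LEVELS = build_levels(CERTS)
ROOT = LEVELS[-1][0]  # assumption: the verifier already trusts this 32-byte root
PROOF = inclusion_proof(LEVELS, 700)

def demo():
    swapped = b"host-700.example|" + b"\x00" * 2400  # same name, different payload
    bad_proof = [bytes([PROOF[0][0] ^ 1]) + PROOF[0][1:]] + PROOF[1:]  # one flipped bit
    return {
        "proof_bytes": sum(len(h) for h in PROOF),
        "genuine": verify(ROOT, CERTS[700], 700, PROOF),
        "swapped_leaf": verify(ROOT, swapped, 700, PROOF),
        "bad_proof": verify(ROOT, CERTS[700], 700, bad_proof),
    }
```

The verifier hashes the whole certificate it was handed, so substituting a different certificate under the same root would require a SHA-256 collision or second preimage; the proof is short because it carries only one sibling hash per tree level.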