Google Chrome Adds Post-Quantum Cryptography: X25519Kyber768 Key Encapsulation Now Default

Google has updated Chrome to enable post-quantum cryptography by default using the X25519Kyber768 hybrid key encapsulation mechanism (KEM), making Chrome one of the first major browsers to ship quantum-safe TLS by default for all users. The change, described by TechNewsWorld, transitions Chrome's TLS handshake from purely classical elliptic-curve Diffie-Hellman to a hybrid mode combining X25519 (classical) with Kyber768 (NIST-selected post-quantum KEM), protecting against harvest-now-decrypt-later attacks by quantum computers. The rollout affects developers who operate TLS-terminating proxies, load balancers, or middleboxes that may reject extended TLS ClientHello messages produced by the larger post-quantum key exchange.

Key Takeaways

• Chrome ships X25519Kyber768 hybrid post-quantum TLS key encapsulation as default for all users — combines classical X25519 ECDH with Kyber768 (NIST FIPS 203 ML-KEM finalist)
• Targets harvest-now-decrypt-later attacks: adversaries capturing today's TLS traffic could eventually decrypt it with quantum computers; hybrid mode protects forward secrecy against that threat
• Operators of TLS-terminating reverse proxies, WAFs, or enterprise middleboxes should verify compatibility with extended TLS ClientHello messages — some older TLS stacks reject unknown extension data

Original source: TechNewsWorld