Google has announced plans to improve the resilience of Chrome’s HTTPS certificates against quantum computers by evolving them based on Merkle Tree Certificates (MTCs).
According to Google, the Chrome Root Store will not immediately accept certificates containing post-quantum cryptography, as they would impact the performance and bandwidth usage of TLS connections that require Certificate Transparency (CT).
Instead, Chrome will move towards HTTPS certificates based on MTCs, which use the compact Merkle Tree proofs to eliminate the bandwidth usage of classical X.509 certificate chains.
“In this model, a Certification Authority (CA) signs a single ‘Tree Head’ representing potentially millions of certificates, and the ‘certificate’ sent to the browser is merely a lightweight proof of inclusion in that tree,” Google explains.
MTCs shrink the authentication data in the TLS handshake, decouple the size of the transmitted data from the security strength of the cryptographic algorithm, and ensure that the post-quantum web is as fast as today’s internet while providing stronger security.
“Finally, with MTCs, transparency is a fundamental property of issuance: it is impossible to issue a certificate without including it in a public tree. This means the security properties of today’s CT ecosystem are included by default, and without adding extra overhead to the TLS handshake as CT does today,” Google notes.
Google has been experimenting with MTCs in Chrome and has partnered with Cloudflare to assess the performance and security of TLS connections relying on them. Currently, the MTC-based connections in the browser are backed by trusted X.509 certificates.
In the first quarter of 2027, after the core technology has been validated, CT Log operators who had at least one usable log in Chrome before February 1, 2026, will be invited to participate in bootstrapping public MTCs.
“These organizations have already demonstrated the operational excellence and high-availability infrastructure required to run global security services that underpin TLS connections in Chrome. Since MTC technology shares significant architectural similarities with CT, these operators are uniquely qualified to ensure MTCs are able to get off the ground quickly and successfully,” Google says.
By the third quarter of 2027, Google expects to finalize the requirements for onboarding CAs into a new Chrome Quantum-resistant Root Store (CQRS) and into the corresponding MTCs-only Root Program.
“This will establish a modern, purpose-built trust store specifically designed for the requirements of a post-quantum web. The Chrome Quantum-resistant Root Program will operate alongside our existing Chrome Root Program to ensure a risk-managed transition that maintains the highest levels of security for all users,” the internet giant says.
During the third phase, sites will be able to opt in to downgrade protections, so that only sites interested in using quantum-resistant certificates can do so.
Related: Google Disrupts Chinese Hackers Targeting Telecoms, Governments
Related: NIST’s Quantum Breakthrough: Single Photons Produced on a Chip
Related: Google Patches First Actively Exploited Chrome Zero-Day of 2026
Related: Cyber Insights 2026: Quantum Computing and the Potential Synergy With Advanced AI
