Devon O’Brien, technical program manager for Chrome security, explained on Thursday that starting in Chrome 116 – due August 15 – Google’s browser will include support for X25519Kyber768, an alphanumeric salad that desperately needs a catchy name.
The unwieldy term is a concatenation of X25519, an elliptic curve algorithm that’s currently used in the key agreement process for establishing a secure TLS connection, and Kyber-768, a quantum-resistant KEM that last year won NIST’s blessing for post-quantum cryptography.
Damnit, just when I’d barely managed to wrap my head around ECC, now they slap me with “learning with errors lattice problem”. Anybody have a TS;DR (too stupid; didn’t read) for this class of algorithms?
Imagine a 2D space. In this space, you pick two vectors starting from the same point, of any magnitude and direction you want. For non math people, you pick a point on an infinite paper and draw two lines, as long or short you want, and at any angle you want.
Consider these two lines the sides of a box, and complete them with two mirrored lines to form the complete box (a parallelogram). This box is a tile, called the basis. You start repeating this tile in all directions, indefinitely, and you put points at all the corners of all the boxes. These points form a “skewed” grid, repeating to infinity, called a lattice. This is the simples type of such lattice, in 2D space, with identical tiles and no gaps.
You can also use a different function to generate the tiles, instead of simply repeating identical ones. You could for example alternate tiles the size of the original and half-size tiles. Or you could think of more creative functions, including irrational numbers etc.
As long as the tiles form a repeating pattern and there are no gaps in the grid, it’s called a periodic lattice. You can also make aperiodic lattices (non-repeating patterns, no gaps) and chaotic lattices (non-repeating patterns, with holes in the grid). And you can of course do this in 3D space, or in an N-space with an arbitrary number of dimensions.
To use this for cryptography you take two lattices of different basis (“skewed” differently) in a large N space, and put them against each other. You pick a random point on one of them, and wherever that point falls on the other lattice. Each point will have a different set of coordinates in its own lattice. You use these two sets of coordinates to encrypt/decrypt messages. [Edit: someone linked a video below that explains how with nice visuals, and also gets into the topic of “bad” vs “good” vectors.]
Turns out that for an attacker who only knows the coordinates of one point, finding the coordinates of the other one involves a class of problems called Closest Vector that can be incredibly hard, so hard that not even quantum computers can solve it in a practical amount of time. Whereas for the legit users, coding lattice functions and vector coordinates as cryptography keys can be done very fast, in finite amounts of memory, and with fairly small key sizes.
Huh, interesting, thank you for the explanation. Somewhat surprising that can be used for asymmetric encryption, but that’s probably just due to me not really having a handle on the concept. ECC at least is pretty intuitive
Your answer is much shorter and to the point, but for the people that understand things better with visuals, here’s a Veritasium video about this exact thing
Timestamp 17:50 if you want to skip directly to lattice cryptography.
Thank you for linking it! It’s a lot easier to understand when you have images to go with it, and he goes into details about the actual cryptography that I glossed over.
deleted by creator
Kyber is a to-be-NIST-standardized lattice encryption scheme.
Also, Chrome to fuck us all over to use such technology to force fingerprinting and revealing OS etc. in clear to all websites.