Chrome’s security team will combine Ring-LWE with elliptic curve crypto rather than replace it. That way, they say they can at least be sure the experimental system will remain as strong as its older elliptic curve crypto alone. They’re also limiting the experiment to a small portion of Chrome users in part because the new crypto system adds about two kilobytes of data that must be sent in each direction when the browser makes a new HTTPS connection, which Google is concerned might cause data to be caught in some web filtering systems and firewalls.
Google’s real goal with the experiment, Langley says, is to catalyze the research community to start looking for vulnerabilities in the Ring-LWE algorithm that quantum computing could exploit. “Ring Learning With Errors could turn out to be complete rubbish, and breaking it could be horribly easy even with existing computers, so we’re using both [systems together] and mixing the answers so you’d have to break both,” says Langley. “I hope in two years there will be new research and we can replace this with something better.”