Invited talk: Let's stay encrypted—rethinking WebPKI for post-quantum age with Merkle Tree Certificates
| Action | Key |
|---|---|
| Play / Pause | K or space |
| Mute / Unmute | M |
| Toggle fullscreen mode | F |
| Select next subtitles | C |
| Select next audio track | A |
| Toggle automatic slides maximization | V |
| Seek 5s backward | left arrow |
| Seek 5s forward | right arrow |
| Seek 10s backward | shift + left arrow or J |
| Seek 10s forward | shift + right arrow or L |
| Seek 60s backward | control + left arrow |
| Seek 60s forward | control + right arrow |
| Seek 1 frame backward | alt + left arrow |
| Seek 1 frame forward | alt + right arrow |
| Decrease volume | shift + down arrow |
| Increase volume | shift + up arrow |
| Decrease playback rate | < |
| Increase playback rate | > |
| Seek to end | end |
| Seek to beginning | beginning |
Share this media
HLS video stream
You can use an external player to play this stream (like VLC).
HLS video streamWhen subscribed to notifications, an email will be sent to you for all added annotations.
Your user account has no email address.
Information on this media
The Web PKI is the foundation on which many security systems depend, and for many the gold standard of how to do PKI. On closer inspection, the Web PKI is an old system evolved with patches added from one crisis to the next. In this talk, we discuss recent efforts to modernize the Web PKI to maintain reliability and security in the face of the imminent threat from quantum computers. The transition to post-quantum cryptographic algorithms is hampered by the massive increase in size of PQC signatures relative to traditional cryptographic signatures. A straightforward “copy/paste” approach in which PQC algorithms were naively added into the existing WebPKI would add massive increases in the size of the TLS handshake, leading to a significant (around 50% P50) handshake latency to every HTTPS connection made. The impact of PQC on the web PKI wouldn’t stop at handshake sizes. The public web PKI also relies on transparency into certificate issuance (“Certificate Transparency”, CT) to help detect and mitigate unauthorized certificate issuance. For the past decade, CT has served its purpose of holding Certification Authorities (CAs) accountable, recently notably detecting Fina CA’s mis-issuance of certificates for 1.1.1.1, Cloudflare’s Encrypted DNS service late last year. Unfortunately, a naive adoption of the most mature PQC algorithms into the current public CT ecosystem would likely result in the ecosystem’s collapse due to the increased operational costs for logs, burdening an already-fragile group of volunteer log operators. Cloudflare and Google Chrome have spearheaded an effort, Merkle Tree Certificates (MTCs), that offer a new approach to HTTPS certificates that combine issuance and transparency into a single cryptographic object. Under active development in the Internet Engineering Task Force (IETF)’s PKI, Logs, and Tree Signatures (PLANTS) working group, MTCs reduce the overhead of post-quantum TLS certificates by 4-22Kb, eliminating the impact on client latency. Simultaneously, the design mitigates the impact on the Certificate Transparency ecosystem, likely resulting in reduced costs compared to today’s status quo. In this talk, we’ll walk through the MTC proposal, interesting open discussions happening in the working group and discuss the results of early experimentation between Chrome and Cloudflare.
Other media in the channel "2026"
7 views, 7 this year, 7 this monthDesktopRanger Blocks Keystroke Spying: Hardening Windows Desktop IsolationJuly 1st, 2026
5 views, 5 this year, 5 this monthRust, PAM and Typestate: Cooking up spotless authentication with nonstickJuly 2nd, 2026
4 views, 4 this year, 4 this monthFractum: an open-source CLI for Threshold-Based Cold Storage of Critical SecretsJuly 2nd, 2026
18 views, 18 this year, 18 this monthKeibiDrop: Post-Quantum Encrypted Peer-to-Peer File Transfer Without the CloudJuly 2nd, 2026
9 views, 9 this year, 9 this monthOblivious HTTP - when the server does not want to see your IPJuly 2nd, 2026
21 views, 21 this year, 21 this monthYour credentials were leaked, so what?July 2nd, 2026