Apple introduces PQ3 protocol: post-quantum encryption for iMessage

February 22, 2024 | Pressroom | Quantum computing/cryptography

Quantum-proof encryption for iMessage

Apple announced a new post-quantum cryptographic protocol called PQ3 which will be integrated into iMessage to protect the messaging platform from future attacks arising from the threat of a practical quantum computer.

“With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to achieve what we call Level 3 security, providing protocol protections that surpass those of all other widely used messaging apps,” Apple said.

The iPhone maker described the protocol as “revolutionary,” “cutting-edge,” and having the “strongest security properties” of any widely deployed cryptographic protocol.

PQ3 is the latest security barrier Apple has erected in iMessage, after switching from RSA to elliptic curve cryptography (ECC) and protecting encryption keys on devices with the Secure Enclave in 2019.


The algorithms underlying today's public key (asymmetric) cryptography rely on mathematical problems that are easy to compute in one direction but hard to reverse. A future breakthrough in quantum computing would mean that problems currently thought to be computationally infeasible could be solved trivially, effectively breaking end-to-end encrypted (E2EE) communications.

The risk is compounded by the fact that threat actors can conduct a so-called Harvest Now, Decrypt Later (HNDL) attack, in which encrypted messages are collected today in the hope of decrypting them later with a quantum computer, once one becomes a reality.

In July 2022, the US Department of Commerce’s National Institute of Standards and Technology (NIST) selected Kyber as the post-quantum cryptographic algorithm for general encryption. Over the past year, Amazon Web Services (AWS), Cloudflare, Google, and Signal have announced support for quantum-resistant encryption in their products.

PQ3 protocol

Apple is the latest to join the post-quantum cryptography (PQC) bandwagon with PQ3, which combines Kyber and ECC and aims to reach what Apple calls Level 3 security. By contrast, Signal, which introduced its own PQXDH protocol, offers Level 2 security, in which a PQC key is established for encryption.

Level 3, in Apple's classification, refers to an approach in which PQC is “used to protect both the initial key creation and the ongoing message exchange, with the ability to quickly and automatically restore the cryptographic security of a conversation even if a given key is compromised.”

The protocol, according to Apple, is also designed to mitigate the impact of compromised keys by limiting the number of past and future messages that can be decrypted with a single compromised key. Specifically, its key rotation scheme ensures that keys are rotated at most every 50 messages and at least once every seven days.
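To make the rekeying policy above concrete, here is an added example (not Apple's code, and not a description of PQ3's actual key schedule) of a sending-side key chain that rotates on whichever limit is hit first, 50 messages or seven days, and a helper that counts how many messages a single compromised chain key would expose. The KDF (HKDF-SHA256), the state layout, the use of `os.urandom` as a stand-in for a freshly negotiated hybrid ECDH + Kyber secret, and the root secret are all assumptions of this example.

```python
"""Toy key-rotation chain illustrating the rekey bounds the article attributes to PQ3.

Added example, not Apple's code: the KDF, the state layout and the source of
fresh secrets are assumptions chosen for illustration.
"""
import hashlib
import hmac
import os
from typing import List, Optional, Tuple

REKEY_AFTER_MESSAGES = 50            # rotate at most every 50 messages (per the article)
REKEY_AFTER_SECONDS = 7 * 24 * 3600  # and at least once every seven days (per the article)


def hkdf_sha256(ikm: bytes, info: bytes, length: int = 32) -> bytes:
    """Single-block HKDF-SHA256 (RFC 5869, zero salt). Stands in for whatever KDF PQ3 uses."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()[:length]


class RekeyingSession:
    """Sender side of a one-way key chain with periodic rekeying (assumed design)."""

    def __init__(self, root_secret: bytes, now: float) -> None:
        self.chain_key = hkdf_sha256(root_secret, b"chain-init")
        self.epoch = 0                      # incremented on every rekey
        self.sent_in_epoch = 0
        self.epoch_started = now
        self.log: List[Tuple[int, int]] = []  # (epoch, index in epoch) per message

    def _rekey_due(self, now: float) -> bool:
        return (self.sent_in_epoch >= REKEY_AFTER_MESSAGES
                or now - self.epoch_started >= REKEY_AFTER_SECONDS)

    def _rekey(self, fresh_secret: bytes, now: float) -> None:
        # fresh_secret stands in for the output of a new hybrid (ECDH + Kyber) key
        # agreement; mixing it into the chain is what heals a compromised chain key.
        self.chain_key = hkdf_sha256(self.chain_key + fresh_secret, b"rekey")
        self.epoch += 1
        self.sent_in_epoch = 0
        self.epoch_started = now

    def next_message_key(self, now: float, fresh_secret: Optional[bytes] = None) -> bytes:
        """Derive the key for the next outgoing message, rekeying first if a bound is hit."""
        if self._rekey_due(now):
            self._rekey(fresh_secret if fresh_secret is not None else os.urandom(32), now)
        msg_key = hkdf_sha256(self.chain_key, b"message")
        # One-way step: knowing the new chain key does not reveal earlier message keys.
        self.chain_key = hkdf_sha256(self.chain_key, b"chain")
        self.log.append((self.epoch, self.sent_in_epoch))
        self.sent_in_epoch += 1
        return msg_key


def messages_exposed_by_chain_compromise(session: RekeyingSession, compromised_at: int) -> int:
    """Messages derivable by an attacker who learns the chain key just before message
    `compromised_at`: that message and the rest of its epoch, but nothing earlier
    (one-way chain) and nothing after the next rekey (fresh secret mixed in)."""
    epoch, _ = session.log[compromised_at]
    return sum(1 for e, _ in session.log[compromised_at:] if e == epoch)


def simulate(n_messages: int, seconds_between: float,
             root: bytes = b"constructed-root-secret-for-demo") -> RekeyingSession:
    """Send n_messages at a fixed cadence starting at t=0 (constructed input)."""
    session = RekeyingSession(root, now=0.0)
    for i in range(n_messages):
        session.next_message_key(now=i * seconds_between)
    return session


if __name__ == "__main__":
    fast = simulate(120, 1.0)           # 120 messages in two minutes: count-triggered rekeys
    slow = simulate(3, 4 * 24 * 3600)   # 3 messages four days apart: time-triggered rekey
    print("epochs after 120 quick messages:", fast.epoch)
    print("worst-case exposure from one chain key:",
          max(messages_exposed_by_chain_compromise(fast, i) for i in range(120)))
    print("epochs after 3 messages spread over 8 days:", slow.epoch)
```

Two properties are worth checking: no epoch ever contains more than 50 messages, and a slow conversation still rotates once the seven-day clock expires even though the message counter is far from its limit. The exposure helper shows the bound the article describes, a single compromised chain key yields at most 50 messages.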


Support for PQ3 is expected to begin rolling out with the general availability of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4 next month.

Cupertino’s iMessage security update follows the tech giant’s surprise decision to bring Rich Communication Services (RCS) to its Messages app later this year, marking a much-needed shift away from the insecure SMS standard.

Apple also said it will work to improve the security and encryption of RCS messages. It's worth noting that while RCS doesn't implement E2EE by default, Google's Messages app for Android uses the Signal protocol to secure RCS conversations.

While adopting advanced protections is always a positive step, it remains to be seen whether these will be extended beyond iMessage to include RCS messages.
