Apple’s iMessage gets post-quantum end-to-end encryption
The iPhone maker talks about next-generation “compromise-resistant encryption” with a new iMessage update.
Apple has long prided itself on the security and privacy of its messaging app, iMessage, but the Cupertino company is making the app even more secure by adding a new “innovative post-quantum cryptographic protocol.”
Apple’s new PQ3 protocol is designed to keep iMessage safe from the rise of quantum computers, machines powerful enough to break the hitherto “unbreakable” encryption methods traditionally used in most messaging apps.
Previously, iMessage used elliptic curve cryptography, which replaced RSA encryption in 2019. But as secure as that protocol is, a quantum computer could break it in no time. There are no such machines yet, but they are certainly on the horizon, and Apple’s move to PQ3 is effectively a future-proofing effort.
However, Apple is pushing the technology now to not only handle future quantum-based decryption methods, but also to keep messages sent now safe from future attempts.
What worries Apple are “harvest now, decrypt later” attacks, in which a threat actor stores massive amounts of messages to decrypt them later when new tools become available.
“Although quantum computers with this capability do not yet exist, very well-resourced attackers can already prepare for their possible arrival by taking advantage of the sharp decline in modern data storage costs,” Apple said in a blog post.
“The premise is simple: these attackers can collect large amounts of encrypted data today and archive it for future reference.”
The name of the protocol, PQ3, combines “post-quantum” with the level of security it offers. Level 0 is no end-to-end encryption, Level 1 is basic end-to-end encryption, and Level 2, which the highly secure Signal messaging application uses, is PQXDH, or Post-Quantum Extended Diffie-Hellman.
Diffie-Hellman key exchange dates back to 1976 and was one of the first public key protocols, using both a publicly known key and a private key to keep communications secure.
What makes PQ3 particularly secure is the ability to “self-heal after a key compromise.” Each conversation that uses the PQ3 protocol can be rekeyed, creating new keys that cannot be linked to the previous one. This means that even if a key is compromised, the conversation can be secure again.
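To illustrate the self-healing property described above, here is an added toy example (Python, not Apple’s PQ3 code) contrasting a plain hash chain, where a stolen key reveals every later key, with a rekey that mixes in a fresh secret from a new key agreement, which an attacker holding only the old key cannot follow. The `LABEL`, the function names and the random bytes standing in for a key-agreement output are constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed domain-separation label; not Apple's actual PQ3 KDF input.
LABEL = b"demo-rekey"


def ratchet_step(current_key: bytes, fresh_secret: bytes = b"") -> bytes:
    """Derive the next conversation key from the current one.

    fresh_secret models the shared secret produced by a new key agreement
    (ECDH or a post-quantum KEM) during a rekey. An empty value models a
    plain hash chain that only ratchets forward from the previous key.
    """
    return hmac.new(current_key, LABEL + fresh_secret, hashlib.sha256).digest()


def attacker_recovers_next_key(rekey_with_fresh_secret: bool) -> bool:
    """Return True if someone who learned key N can also compute key N+1.

    The attacker knows key N in full but did not observe the fresh secret
    the two parties agreed on during the rekey.
    """
    key_n = os.urandom(32)  # the conversation key assumed compromised
    fresh = os.urandom(32) if rekey_with_fresh_secret else b""
    key_n_plus_1 = ratchet_step(key_n, fresh)  # what the honest parties derive
    attacker_guess = ratchet_step(key_n)  # best the attacker can do from key N
    return hmac.compare_digest(attacker_guess, key_n_plus_1)


if __name__ == "__main__":
    print("hash chain only, next key exposed:", attacker_recovers_next_key(False))
    print("rekey with fresh secret, next key exposed:", attacker_recovers_next_key(True))
```

With a plain chain the first call reports True; after a rekey that mixes in a secret the attacker never saw, the second reports False, which is the "heal" the article refers to.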
PQ3 is currently in beta versions of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4 and will be rolled out more widely when those operating systems move to full release.