Apple Upgrades iMessage With PQ3 Quantum Computer-Resistant Encryption Protocol

Apple says its PQ3 protocol offers compromise-resilient encryption that protects users against highly sophisticated attacks using a quantum computer.

Written by David Delima, Edited by Siddharth Suvarna | Updated: 21 February 2024 19:30 IST

Apple Upgrades iMessage With PQ3 Quantum Computer-Resistant Encryption Protocol

Photo Credit: Pexels/ @rdne

iMessage is the second messaging platform to add support for post-quantum cryptography

Highlights

Apple says iMessage will soon offer protection against quantum computers
The messaging platform already offers end-to-end encryption by default
Until now, only Signal had introduced quantum-resistant chat encryption

Apple is introducing a new cryptographic protocol for iMessage that is designed to protect users from sophisticated attacks using quantum computers. The new encryption protocol could safeguard users from scenarios where encrypted data has been stored, only to be decrypted using a quantum computer at a later date. iMessage is the second messaging platform known to introduce support for quantum-security cryptography — Signal's PQXDH protocol was introduced last year — while adding another layer of security to protect users if keys are compromised.

The company detailed the development of the new PQ3 protocol for iMessage on Wednesday, ahead of its deployment on supported iPhone, iPad, Mac, and Apple Watch models. PQ3 is a quantum-resistant cryptographic protocol designed to protect conversations from being compromised by attackers with quantum computers in the future, according to Apple.

Traditional public key cryptography — used in secure messaging services like WhatsApp, iMessage, and Signal — protect users from powerful computers using difficult mathematical problems. However, powerful quantum computers are said to be capable of solving these problems, which means that even though they don't currently exist, they can be used to compromise encrypted chats in the future.

Apple Set to Face Over $500 Million EU Fine in Spotify Row

Apple also highlights another challenge posed by quantum computers — the "Harvest Now, Decrypt Later" scenario. By storing vast amounts of encrypted data available today, capable attackers can gain access to the data at some point in the future once a powerful enough quantum computer is capable of breaking the traditional encryption used to protect those messages.

iMessage will join Signal in using quantum-resistant cryptography
Photo Credit: Apple

iMessage is the second messaging platform to add support for quantum-security cryptography. Last year, Signal — widely considered the gold standard in encrypted messaging — announced it was rolling out a new PQXDH protocol that would protect users from quantum computers. Apple says that its PQ3 encryption protocol goes one step further than PQXDH by changing post-quantum keys on an ongoing basis — this limits the number of messages that can be exposed if the keys are compromised.

This New ‘GoldDigger’ iOS Trojan Steals iPhone Face ID Data

The new PQ3 post-quantum encryption protocol is designed to protect users from existing and future adversaries and will be introduced from the start of a chat, according to Apple. It would need to be combined with the company's existing encryption, with a hybrid design that means attackers would need to defeat both the traditional encryption and the post-quantum primitives used to protect iMessage conversations.

In order to protect users in case an encryption key is compromised, Apple says that a new post-quantum key is transmitted periodically (instead of with every message), to keep the size of these encrypted messages in check, while allowing users to access the service even in poor network conditions.

The new PQ3 protocol has been reviewed by the company's Security Engineering and Architecture (SEAR) teams. It has also been reviewed by a team led by Professor David Basin, head of the Information Security Group at ETH Zürich, as well as Professor Douglas Stebila from the University of Waterloo. The company also says that it also contracted a third-party security consultancy independently assessed the PQ3 source code, and found no security issues, according to the company.

Apple says that the upcoming updates to iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4 will bring support for PQ3, and iMessage conversations on supported devices will automatically start to use the new quantum-security protocol to encrypt messages sent and received on the platform. All supported conversations will be upgraded to the post-quantum encryption protocol this year, according to the company.

Is the Samsung Galaxy Z Flip 5 the best foldable phone you can buy in India right now? We discuss the company's new clamshell-style foldable handset on the latest episode of Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: iMessage, PQ3, Encryption, Quantum computers, Apple, Signal, E2EE

David Delima

Email David Delima

As a writer on technology with Gadgets 360, David Delima is interested in open-source technology, cybersecurity, consumer privacy, and loves to read and write about how the Internet works. David can be contacted via email at DavidD@ndtv.com, on Twitter at @DxDavey, and Mastodon at mstdn.social/@delima. More