Signal, of course, has always made its name as a secure messaging app. But this is taking it even further than that. Apple has announced PQ3, a post-quantum cryptographic protocol for iMessage that uses the Kyber algorithm, launching in iOS 17.4, iPadOS 17.4, and macOS 14.4.
Quoting AppleInsider:
Apple already includes end-to-end encryption in its secure iMessage platform. But while elements such as Contact Key Verification can help keep users secure from current-generation computing threats, it could have a hard time taking on quantum computing.
To thwart quantum computers when they eventually become more commonly used, Apple is not waiting until they arrive to bolster its security.
To try and minimize the risks from the use of quantum computing, cryptographers have worked on post-quantum cryptography (PQC). This consists of new public key algorithms that are becoming the basis of quantum-secure protocols, namely protocols that can be used by current non-quantum computers, but that are still secure when put against quantum computers.
Apple describes the state of quantum cryptography in messaging applications in a tiered approach, increasing with the level number. Level 0 and Level 1 are deemed Classical Cryptography without quantum security, while Level 2 and later are categorized as using PQC.
Moving to PQC levels, Signal is the first and only large-scale messaging app to be classed as Level 2. Apple's announcement is that it has come up with a new cryptographic protocol it calls PQ3 that will be incorporated into iMessage. The change offers "the strongest protection against quantum attacks," with iMessage becoming the first and only to support Level 3 security.
Existing iMessage conversations between devices that can support PQ3 will be automatically changing over to the new protocol.
Apple adds that, as it "gains operational experience with PQ3 at the massive global scale of iMessage," PQ3 will replace existing cryptographic protocols within all supported conversations by the end of 2024. ENDQUOTE
And quoting Wired on why this is important:
Billions of medical records, financial transactions, and messages we send to each other are protected by encryption. It’s fundamental to keeping modern life and the global economy running relatively smoothly. However, the decades-long race to create vastly powerful quantum computers, which could easily crack current encryption, creates new risks.
While practical quantum computing technology may still be years or decades away, security officials, tech companies, and governments are ramping up their efforts to start using a new generation of post-quantum cryptography. These new encryption algorithms will, in short, protect our current systems against any potential quantum computing-based attacks.
Quantum computing is serious business. Governments in the US, China, Russia, and tech companies such as Google, Amazon, and IBM are plowing billions into the (still) relatively nascent efforts to create quantum computers. If successful, the technologies could help unlock scientific breakthroughs in everything from drug design to creating longer-lasting batteries. Politicians are also vying to become quantum superpowers. The current quantum computing devices are still experimental and not practical for general use.
Unlike the computers we use today, quantum computers use qubits, which can exist in more than one state. (Current bits are either ones or zeroes). It means that quantum devices can store more information than traditional computers and perform more complex calculations, including potentially cracking encryption.
“Quantum computers, if deployed reliably and in a scalable manner, would have the potential to break most of today's cryptography,” says Lukasz Olejnik, an independent cybersecurity and privacy researcher and consultant. This includes the encryption in the messaging apps billions of people use every day. Most encrypted messaging apps using public key cryptography have used RSA, Elliptic Curve, or Diffie-Hellman algorithms. ENDQUOTE