Unveiling Post-Quantum Encryption in iMessage with the New Apple iOS 17.4 Update

Matt Burgess

Apple is launching its first post-quantum protections, one of the biggest deployments of the future-resistant encryption technology to date.

Billions of medical records, financial transactions, and messages we send to each other are protected by encryption. It’s fundamental to keeping modern life and the global economy running relatively smoothly. However, the decades-long race to create vastly powerful quantum computers, which could easily crack current encryption, creates new risks.

While practical quantum computing technology may still be years or decades away, security officials, tech companies, and governments are ramping up their efforts to start using a new generation of post-quantum cryptography. These new encryption algorithms will, in short, protect our current systems against any potential quantum computing-based attacks.

Today Cupertino announces the inclusion of PQ3—its post-quantum cryptographic protocol—in iMessage. The update, initially deployed in beta versions of the software, will roll out in iOS and iPadOS 17.4 as well as macOS 14.4. Apple shared the news on its security research blog, describing the change as the “most significant cryptographic security upgrade in iMessage history.”

“We rebuilt the iMessage cryptographic protocol from the ground up,” says the blog post, asserting that the upgrade will completely replace existing encryption protocols by the end of this year. Users need only update their operating system to apply the new protections.

Quantum computing is receiving serious attention and investment. Governments in the US, China, and Russia, as well as tech companies like Google, Amazon, and IBM, are pumping billions into the relatively young effort to create quantum computers. If achieved, these technologies could foster scientific advances in areas from drug design to longer-lasting batteries. Politicians are also racing to make their nations quantum superpowers. However, current quantum computing devices remain experimental and impractical for general usage.

Uniquely, quantum computers use qubits, which can be in multiple states simultaneously, unlike classical bits, which are either one or zero. This feature allows quantum devices to store more information than traditional computers and carry out extremely complex calculations, potentially breaking encryption.

“Quantum computers, if deployed reliably and in a scalable manner, would have the potential to break most of today’s cryptography,” says Lukasz Olejnik, an independent cybersecurity and privacy researcher and consultant. This includes the encryption in the messaging apps that billions of people use every day. Most encrypted messaging apps using public key cryptography have used RSA, Elliptic Curve, or Diffie-Hellman algorithms.

Responding to the potential threat—which has been known about since the 1990s—intelligence and security agencies have become increasingly vocal about developing and deploying quantum-resistant cryptography. The National Institute of Standards and Technology in the US has been a driving force behind the creation of these new encryption types. Olejnik says tech companies are taking the quantum threat “very” seriously. “Much more serious than some older changes like switches between hash functions,” Olejnik says, adding that things are moving relatively fast given that post-quantum cryptography is still “very young” and there’s “no functional quantum computer on the horizon.”

Apple’s rollout of PQ3 in iMessage follows Signal in introducing post-quantum algorithms—the encrypted messaging app introduced its PQXDH specification in September, saying it is built on the Kyber algorithm. Proton, the creator of encrypted email and other apps, said around the same time that it is building quantum-safe PGP encryption for everyone to use.

In its blog post, Apple details how PQ3 has been built and how it operates. The company says PQ3 creates a new post-quantum encryption key as part of the public keys that phones and computers using iMessage create and transmit to Apple’s servers. The company is using the Kyber algorithm—the same approach as Signal—to do this and will generate the keys from the first message that is sent, even if the person receiving the message is offline.

Apple asserts that its system will apply post-quantum protections to both the creation of encryption keys and the exchange of messages, including scenarios where an encryption key has been compromised by an attacker. It explains that, to effectively protect end-to-end encrypted messaging, the post-quantum keys need to be changed regularly. This limits how much of a conversation can be exposed by any single key compromise, both now and against future quantum computers.

These post-quantum protections are additions to its existing encryption, according to Apple. It is implementing a hybrid design that combines its current elliptic curve cryptography (ECC) with the new post-quantum protections. Apple explains that, to defeat PQ3's security, an adversary would need to break both the traditional ECC cryptography and the new post-quantum elements.
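The two properties described above (a hybrid combiner that needs both the classical and the post-quantum secret, and regular rekeying so that one compromised key exposes only a bounded slice of a conversation) can be illustrated with a short key-derivation sketch. The code below is an added example written for this article; it is not Apple's PQ3 code and does not reproduce PQ3's actual construction. It assumes the two shared secrets are already available (random bytes stand in for the output of a real ECDH exchange and a real Kyber decapsulation), and uses HKDF with HMAC-SHA256 as the combiner.

```python
# Added illustration of a hybrid key combiner with per-epoch rekeying.
# This is NOT Apple's PQ3 code; it only shows the general pattern the
# article describes: a classical secret and a post-quantum secret are
# both fed into one key derivation, and keys are refreshed each epoch.
import hashlib
import hmac
import secrets


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869) with HMAC-SHA256."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-Expand (RFC 5869) with HMAC-SHA256."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def combine_hybrid(ecc_secret: bytes, pq_secret: bytes, transcript: bytes) -> bytes:
    """Bind both shared secrets (and the handshake transcript) into one key.

    An adversary who recovers only one of the two secrets (say, the ECC one
    via a future quantum computer) still lacks the input needed to derive
    this key; both exchanges must be broken.
    """
    prk = hkdf_extract(salt=transcript, ikm=ecc_secret + pq_secret)
    return hkdf_expand(prk, b"hybrid session key")


def ratchet(chain_key: bytes, fresh_hybrid_secret: bytes) -> tuple[bytes, bytes]:
    """Advance one epoch: mix the previous chain key with a fresh hybrid secret.

    Returns (next_chain_key, message_key). Because a fresh secret enters at
    every epoch, an attacker holding one epoch's keys cannot compute the
    next epoch's keys without also breaking that epoch's new key exchange.
    """
    prk = hkdf_extract(salt=chain_key, ikm=fresh_hybrid_secret)
    return hkdf_expand(prk, b"chain"), hkdf_expand(prk, b"message")


def derive_epoch_keys(epoch_secrets: list[tuple[bytes, bytes]], transcript: bytes) -> list[bytes]:
    """Derive one message key per epoch from a list of (ecc_secret, pq_secret)."""
    chain_key = b"\x00" * 32  # constructed initial chain key (assumption)
    keys = []
    for ecc_secret, pq_secret in epoch_secrets:
        hybrid = combine_hybrid(ecc_secret, pq_secret, transcript)
        chain_key, message_key = ratchet(chain_key, hybrid)
        keys.append(message_key)
    return keys


def new_epoch_secrets(n: int) -> list[tuple[bytes, bytes]]:
    """Constructed stand-ins for per-epoch ECDH and Kyber shared secrets."""
    return [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(n)]


if __name__ == "__main__":
    transcript = b"constructed handshake transcript"
    per_epoch = new_epoch_secrets(3)
    keys = derive_epoch_keys(per_epoch, transcript)
    # Model an adversary who broke ECC but not Kyber: they hold ecc_secret
    # and must guess pq_secret (here: all zeros).
    ecc, _ = per_epoch[0]
    guess = combine_hybrid(ecc, b"\x00" * 32, transcript)
    print("epoch keys distinct:", len(set(keys)) == len(keys))
    print("ECC-only adversary recovers key:", guess == combine_hybrid(*per_epoch[0], transcript))
```

The combiner concatenates both secrets before extraction and salts with the transcript, so any change to either secret or to the handshake messages yields an unrelated key. The ratchet is the simplest form of the "change keys regularly" idea: each epoch's message key depends on a freshly agreed hybrid secret, so a single leaked message key does not yield the keys of other epochs.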

Apple reports that PQ3 has been externally evaluated by an unnamed third-party security company, and also by two academic groups who have published papers studying the system. It argues that its method—regularly generating fresh post-quantum keys—provides stronger defenses than Signal's current deployment. A research paper led by David Basin, a computer science professor at ETH Zurich, concludes that the protocol has strong security guarantees against an active network adversary with selective compromise abilities and quantum computing capabilities.

Although there are no guarantees that quantum technologies will evolve sufficiently to be beneficial, it is expected that the next several years will witness companies steadily rolling out and refining their post-quantum protocols. This is partly a strategy to address one of the current major concerns about quantum computing: the fear that nations and threat actors are currently collecting and stockpiling encrypted data with the aim of deciphering its secrets as quantum technologies advance.

Starting to deploy post-quantum encryption now—before functional quantum computers exist—has the potential to limit the impact of these so-called “harvest now, decrypt later” attacks. “We are seeing our adversaries do this—copying down our encrypted data and just holding on to it,” Dustin Moody, who leads post-quantum encryption standards in the US, told The New Yorker in 2022. “It’s definitely a real threat.”
