Tech giant Apple has introduced a new post-quantum encryption protocol called PQ3. The new Apple PQ3 protocol is the first of its kind in messaging platforms and, according to Apple, has the strongest security features in the world.
Do you want to learn more about the Apple PQ3 protocol? We will share everything you need to know in the rest of this article.
What is the Apple PQ3 protocol?
The Apple PQ3 protocol is a new encryption protocol developed for iMessage to protect against the potential threat of quantum computers. PQ3 stands for “Post-Quantum,” and this protocol will help keep your messages safe in the face of emerging quantum computers.
How does the Apple PQ3 protocol work?
PQ3 uses two main mechanisms to protect iMessage against future quantum attacks:
- Post-quantum key: PQ3 adds a post-quantum key to the set of public keys that each Apple device generates locally and sends to Apple servers as part of the iMessage registration process. This key is generated using “post-quantum” algorithms that are even difficult for quantum computers to break.
- Re-keying: PQ3 periodically performs re-keying during conversations. This process keeps the conversation secure even if past keys are compromised. During re-keying, a new post-quantum key is generated and used to encrypt messages throughout the conversation.
What are the advantages of the Apple PQ3 protocol?
PQ3 has a number of advantages that significantly enhance the security of iMessage. These advantages include:
- Protection against modern cryptographic protocols that quantum computers can theoretically break, protecting users’ messages against future quantum attacks.
- Protection against “collect now, decrypt later” attacks, where threat actors steal large amounts of data and can decrypt it in the future with quantum computing capabilities, also keeping past messages safe.
- Provides the highest level of security defined by Apple, called Level 3, which includes additional authentication and quantum security, protecting users’ messages according to the highest security standards.
- A re-keying mechanism that keeps the conversation secure even if past keys are compromised ensures that both past and future messages are protected even if one is compromised.
These advantages of PQ3 make iMessage one of the most secure messaging platforms against today’s and future threats.
Why is the PQ3 Protocol important?
Quantum computers are much more powerful than traditional computers and have the potential to break currently used encryption methods. In short, this could allow your iMessage messages to be intercepted and read. The PQ3 Protocol is designed to help prevent this threat.
Signal and Level 2 security
While Apple argues that Signal offers Level 2 security with PQXDH and is the first large-scale post-quantum messaging application, the features offered by PQ3 represent a level of security that did not exist before. Level 2 requires post-quantum encryption to be applied only to the initial key and requires that keys never be compromised.
However, Apple points out that today’s threats aim to capture keys, which also puts past messages at risk. PQ3, on the other hand, offers more comprehensive protection than Signal’s Level 2 by using post-quantum encryption throughout the conversation with Level 3 security and protecting past messages with “re-keying.”
Furthermore, Open Source Security Foundation (OpenSSF) CEO Omkhar Arasaratnam stated that PQ3 is an important step towards wider adoption of quantum-secure messaging. He emphasized the importance of Apple combining post-quantum and traditional encryption ciphers, stating that this approach promises a strong defense against potential adversaries aiming to intercept and decrypt encrypted traffic in the future.
Arasaratnam also said, “Apple’s pioneering use of the hybrid PFS model prepares to strike a delicate balance between the performance implications of re-keying and the imperative to protect privacy.”
The PQ3 protocol is a significant step in protecting iMessage against future quantum attacks. With the use of this protocol, users’ messages will become even more secure.
Featured image credit: EvergreenPlanet / Envato
