What is PQ3, Apple’s New iMessage Security Protocol?
Apple has announced PQ3, a new post-quantum cryptographic protocol foriMessage.The Cupertino tech giant says that this groundbreaking and state-of-the-art protocol has “the strongest security properties of any at-scale messaging protocol in the world.” Apple believes the PQ3 provides “extensive defenses against even highly sophisticated quantum attacks”.
Let’s understand how iMessage’s PQ3 protocol works and how differs from other messaging security protocols.
What is PQ3 Protocol?
At the moment, communication security is measured by three security levels.
The new iMessage security protocol, PQ3 is the first messaging protocol that qualifies to reach what Apple calls “Level 3 security”. This uses post-quantum cryptography to secure both the initial key establishment and the ongoing message exchange. In addition, the Level 3 PQC can automatically restore the security of a conversation even when the key is compromised. Therefore, PQ3 is claimed to surpass protocols in all other widely deployed messaging apps.
Why is Apple Shifting to PQ3 Protocol for iMessage?
Apple’s iMessage has always supported end-to-end encryption. When launched back in 2011, iMessage was the first widely available messaging app to support end-to-end encryption by default. Over the years, Apple has significantly improved its cryptography. However, the existing common cryptographic algorithms used by messaging apps rely on mathematical problems that could potentially be solved by sufficiently powerful quantum computers.
Such quantum computers don’t exist today. However, resourced attackers can do the homework before future arrival. Such attackers can manage to collect large amounts of encrypted data and store it for future reference. Although they can’t decrypt any of this collected data today, they can do it in the future using a quantum computer. This attack scenario is known asHarvest Now, Decrypt Later.
The iMessage’s new security protocol, PQ3 is designed to protect users against “Harvest Now, Decrypt Later” attacks. Apple says that since PQ3 achieved “Level 3” security, it secures “both the initial key establishment and the ongoing message exchange.”
How Does PQ3 Protocol Work?
The new PQ3 protocol brings a new post-quantum encryption key to the set of public keys. Each device generates these public keys locally and then transmits them to Apple servers as part of the iMessage registration process. For this, Apple uses theModule Lattice-based Key Encapsulation Mechanism standardorML-KEMwhich enables the sender devices to get a receiver’s public keys and generate post-quantum encryption keys for the very first message. This works even if the receiver is offline.
Then Apple includes a periodic post-quantum rekeying mechanism within the conversation. This mechanism can self-heal from key compromise and safeguard future messages.
“In PQ3, the new keys sent along with the conversation are used to create fresh message encryption keys that can’t be computed from past ones, thereby bringing the conversation back to a secure state even if previous keys were extracted or compromised by an adversary.” – Apple
Impressively, PQ3 is the first large-scale cryptographic messaging protocol that deploys this post-quantum rekeying property.
Benefits of PQ3 Protocol
For PQ3, Apple didn’t replace or modify the existing algorithms. Rather, it has rebuilt the iMessage cryptographic protocol from scratch, to deliver the following benefits:
PQ3 Protocol Availability in iMessage
Apple will gradually start rolling PQ3 for supported iMessage conversations with iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4. The giant says that the latest beta versions of these software updates already have this security protocol. Apple also confirmed that visionOS won’t have the PQ3 protocol during the initial rollout.
Later this year, PQ3 is expected to fully replace the existing iMessage’s cryptography protocol within all supported conversations. Bear in mind, that the devices must be running the latest software versions.
Kanika Gogia
Kanika has been a loyal iPhone user since 2014 and loves everything Apple. With a Master’s in Computer Applications, passion for technology, and over five years of experience in writing, she landed at Beebom as an Apple Ecosystem Writer. She specializes in writing How To’s, troubleshooting guides, App features, and roundups for Apple users to help them make the best use of their gadgets. When not writing, she loves to try out new recipes and enjoy some family time.
Add new comment
Name
Email ID
Δ
01
02
03
04
05