Apple future-proofing iMessage to protect against the scary future of quantum computing hacking – TechRadar

iMessage is set to receive a substantial security upgrade as Apple plans to introduce a post-quantum cryptographic protocol called PQ3.

Those are some five-dollar words, but what do they mean? In a nutshell, PQ3 is a new type of encryption tech that can locally generate encryption keys for an iMessage text on an iPhone. The text is sent to Apple servers where a fresh key is made and sent back to the device. So if a hacker somehow gets their hands on one of these messages, they cant use its key to gain access to your conversation. The locks have been changed, so to speak. Thats the gist of PQ3. A post on Apples Security Research Blog goes into way more detail. For the sake of brevity, well keep things short. But the breakdown talks about the cryptography behind everything, how rekeying works, the padding process, as well as the extensive reviews done by cybersecurity experts.

The reason Apple is doing all this is to protect its service from future threats, namely sophisticated quantum [computing] attacks. Such attacks arent exactly widespread in 2024 as computers capable of bypassing modern high-end cryptography techniques dont exist yet. Security experts have sounded the alarm, warning companies around the world of an event known as "Q-Day". This is where a quantum computer powerful enough to crack through the internet's encryption systems and security is built. And Apple has decided to listen.

The average hacker probably wont have access to this type of technology, but it may be found in the hands of a foreign adversary. Apple is particularly worried about an attack scenario called Harvest Now, Decrypt Later (also known as Store Now, Decrypt Later) which sees hackers collect as much encrypted data as possible, then sit on this treasure trove of information until the day comes where quantum computers are strong enough to break through the protection.

Support for PQ3 is scheduled to launch with the public releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4. Apple is covering all of its bases here. The company claims the boosted protection is available right now on the current developer and beta builds, however, that may not be the case. We havent seen people talking about receiving PQ3 on social media or reports from other publications detailing their experiences apart from a brief mention by MacRumors. Its possible the patch could roll out to more people soon.

When PQ3 does officially launch, it could give iMessage a huge edge over other messaging platforms. Apple, in its blog post, boasts its service has Level 3 security because it has PQC (Post-Quantum Cryptography) protection. To put that into perspective, WhatsApp is Level 1 as it has end-to-end encryption but is vulnerable to quantum computing attacks. Signal is Level 2 because it has PQC although it lacks the key refresh mentioned earlier. There are plans to further improve PQ3 by implementing something called PQC authentication.

We reached out to Apple asking what this means and when people can expect the release of PQ3. This story will be updated at a later time.

In the meantime, check out TechRadar's roundup of the best iPhone for 2024.

Read more:

Apple future-proofing iMessage to protect against the scary future of quantum computing hacking - TechRadar