News Software 02-22-2024 at 15:48

A significant update to iMessage (two forms of end-to-end encryption) puts it on par with Signal


Yurii Oros

News writer

iMessage is undergoing significant changes that make it one of the two messaging apps best prepared for the coming advent of quantum computing: as resilient as Signal, or perhaps even more so.

Apple said that messages sent through iMessage will now be protected by two forms of end-to-end encryption (E2EE), whereas previously there was only one. The encryption being added, known as PQ3, is an implementation of a new algorithm called Kyber, which, unlike the algorithms iMessage has used until now, cannot be broken using quantum computing. Apple is not replacing the old, quantum-vulnerable algorithm with PQ3 but augmenting it, so an attacker has to break both algorithms to break the encryption.

The changes to iMessage come five months after the Signal Foundation, the developer of the Signal protocol that encrypts messages used by more than a billion people, updated the open standard to be post-quantum computing (PQC) ready as well. Like Apple, Signal has added Kyber to X3DH, the algorithm it used previously. Together, they are known as PQXDH, Ars Technica reports.
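The "attacker has to break both algorithms" property comes from how the two shared secrets are combined into one session key. The following is an added example, not Apple's PQ3 or Signal's PQXDH code and not from the article: it feeds a classical and a post-quantum shared secret into a single HKDF (RFC 5869). The random stand-in secrets, the context label and the function names are assumptions.

```python
import hashlib
import hmac
import secrets

HASH = hashlib.sha256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): condense input keying material into a PRK."""
    return hmac.new(salt or b"\x00" * HASH().digest_size, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): stretch the PRK into `length` output bytes."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hybrid_session_key(classical_ss: bytes, pq_ss: bytes, context: bytes) -> bytes:
    """Derive one 32-byte key that depends on BOTH shared secrets.

    Each secret is length-prefixed so (a, bc) and (ab, c) never collide.
    """
    ikm = b"".join(len(s).to_bytes(2, "big") + s for s in (classical_ss, pq_ss))
    return hkdf_expand(hkdf_extract(b"", ikm), context, 32)


def demo() -> dict:
    # Constructed stand-ins: in a real protocol these come from the classical
    # key agreement (X3DH in Signal's case) and a Kyber encapsulation.
    classical_ss = secrets.token_bytes(32)
    pq_ss = secrets.token_bytes(32)
    ctx = b"hybrid-example-v1"  # hypothetical context label
    real = hybrid_session_key(classical_ss, pq_ss, ctx)
    # Someone who recovers only one of the two secrets still has to guess
    # the other one, so the derived key does not match.
    only_classical = hybrid_session_key(classical_ss, secrets.token_bytes(32), ctx)
    only_pq = hybrid_session_key(secrets.token_bytes(32), pq_ss, ctx)
    return {"real": real, "only_classical": only_classical, "only_pq": only_pq}


if __name__ == "__main__":
    for name, key in demo().items():
        print(f"{name:15s} {key.hex()}")
```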

iMessage and Signal provide end-to-end encryption — protection that makes it impossible for anyone other than the sender and recipient to read the message in decrypted form. iMessage started offering E2EE with its launch in 2011. Signal became available in 2014.

One of the biggest threats to many forms of encryption is quantum computing. The strength of the algorithms used in virtually all messaging applications rests on mathematical problems that are easy to solve in one direction and extremely difficult in the other. Unlike a traditional computer, a quantum computer with sufficient resources can solve these problems in significantly less time.

No one knows how soon this day will come. One common estimate is that a quantum computer with 20 million qubits will be able to crack a single 2048-bit RSA key in about eight hours. The largest quantum computer known today has 433 qubits.

Cryptographic engineers know this future is inevitable, whenever it arrives. They also know that some adversaries are likely to collect and store as much encrypted data as possible now and decrypt it as soon as quantum advances make that possible. Apple and Signal's actions are aimed at protecting against this scenario with Kyber, one of several PQC algorithms currently approved by the National Institute of Standards and Technology. Since Kyber is still relatively new, both iMessage and Signal will continue to use more proven algorithms for the time being.

