In context: Quantum computing may still be in its infancy, but it’s expected to bring a seismic shift in the industry with compute speeds that could be a million times faster than modern supercomputers. Given their unmatched power, quantum computers could give rise to massive cybersecurity risks that experts believe most enterprises are currently ill-equipped to deal with.
Apple, however, is one tech company that is trying to get ahead of the curve with new features that promise to secure iMessage against potential threats from powerful quantum computers. In a blog post, the company announced that its messaging service will be encrypted with a post-quantum cryptographic protocol called PQ3, which is said to offer “the strongest security properties of any at-scale messaging protocol in the world.”
According to Apple, PQ3 is designed to tackle the threats posed by quantum computing, which can crack modern cryptographic protocols quickly and efficiently, thereby compromising data security. Although current quantum computers do not threaten the security of end-to-end encrypted communications, the new technology is designed to address threats such as “harvest now, decrypt later” attacks, where malicious actors can steal large amounts of data and retain it until quantum computing can decrypt them in the future.
Apple also claimed that PQ3 will offer iMessage “Level 3” security, where post-quantum cryptography is used to secure communications, including “the initial key establishment and the ongoing message exchange.” For the uninitiated, Level 0 refers to unencrypted messaging, while Level 1 refers to end-to-end encrypted communications with no additional identity authentication. Data encryption services that use identity authentication and quantum security are said to have Level 2 security.
The addition of the new security protocol puts iMessage in the same league as Signal, which added support for the PQXDH security protocol last year to become the first mainstream messaging app to introduce post-quantum security. However, Apple claims that PQ3 makes iMessage more secure than Signal, which it says only achieved Level 2 security, as its security protocol only applies post-quantum cryptography to the initial key establishment.
PQ3 support has already been baked into the developer preview and beta releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4, and will start rolling out to all users with the respective stable releases later this year. iMessage conversations between devices running the aforementioned operating systems will automatically upgrade to PQ3 encryption, and it will gradually replace the existing protocol within all supported conversations by the end of this year.