December 23, 2024
Apple Announces Major Security Upgrade to iMessage

Apple Announces Major Security Upgrade to iMessage

Posted February 21, 2024 at 2:39pm by iClarified
Apple has announced a significant cryptographic security upgrade to iMessage that introduces PQ3, a post-quantum cryptographic protocol that reaches Level 3 security.

Today we are announcing the most significant cryptographic security upgrade in iMessage history with the introduction of PQ3, a groundbreaking post-quantum cryptographic protocol that advances the state of the art of end-to-end secure messaging. With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach what we call Level 3 security — providing protocol protections that surpass those in all other widely deployed messaging apps. To our knowledge, PQ3 has the strongest security properties of any at-scale messaging protocol in the world.

Apple Announces Major Security Upgrade to iMessage


PQ3 introduces a new post-quantum encryption standard using Kyber public keys for iMessage, allowing devices to generate secure encryption keys for initial messages and incorporate a novel post-quantum rekeying mechanism to protect against key compromise. This mechanism periodically refreshes encryption keys within conversations, ensuring future messages remain secure even if previous keys were compromised. The protocol combines traditional Elliptic Curve cryptography with post-quantum encryption, requiring adversaries to defeat both to compromise PQ3's security, and includes measures to manage the larger key sizes without degrading user experience. PQ3 maintains reliance on classical cryptography for authentication, considering the threat of quantum computing to be a future concern, with ongoing assessments planned to adapt to evolving quantum capabilities.

Apple has published a security analysis of the iMessage PQ3 protocol that was focused on so-called game-based proofs. The analysis shows that PQ3 provides confidentiality with forward secrecy and post-compromise security against both classical and quantum adversaries, in both the initial key exchange as well as the continuous rekeying phase of the protocol.

"The iMessage PQ3 protocol is a well-designed cryptographic protocol for secure messaging that uses state-of-the-art techniques for end-to-end encrypted communication," says Professor Douglas Stebila. "In my analysis using the reductionist security methodology, I confirmed that the PQ3 protocol provides post-quantum confidentiality, which can give users confidence in the privacy of their communication even in the face of potential improvements in quantum computing technology."

It also published a formal analysis of the iMessage PQ3 Messaging Protocol in which David Basin, Felix Linker, and Ralf Sasse present a detailed formal model of the protocol, a precise specification of its fine-grained security properties, and machine-checked proofs using the Tamarin prover.


Support for PQ3 will start to roll out with the public releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4, and is already in the developer preview and beta releases. iMessage conversations between devices that support PQ3 are automatically ramping up to the post-quantum encryption protocol. As Apple gains operational experience with PQ3, it expects to fully replace the existing protocol within all supported conversations this year.

More details at the link below...

Read More


Apple Announces Major Security Upgrade to iMessage
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments
You must login or register to add a comment...
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sequoia
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS