Apple has announced a significant cryptographic security upgrade to iMessage that introduces PQ3, a post-quantum cryptographic protocol that reaches Level 3 security.
Today we are announcing the most significant cryptographic security upgrade in iMessage history with the introduction of PQ3, a groundbreaking post-quantum cryptographic protocol that advances the state of the art of end-to-end secure messaging. With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach what we call Level 3 security — providing protocol protections that surpass those in all other widely deployed messaging apps. To our knowledge, PQ3 has the strongest security properties of any at-scale messaging protocol in the world.
PQ3 introduces a new post-quantum encryption standard using Kyber public keys for iMessage, allowing devices to generate secure encryption keys for initial messages and incorporate a novel post-quantum rekeying mechanism to protect against key compromise. This mechanism periodically refreshes encryption keys within conversations, ensuring future messages remain secure even if previous keys were compromised. The protocol combines traditional Elliptic Curve cryptography with post-quantum encryption, requiring adversaries to defeat both to compromise PQ3's security, and includes measures to manage the larger key sizes without degrading user experience. PQ3 maintains reliance on classical cryptography for authentication, considering the threat of quantum computing to be a future concern, with ongoing assessments planned to adapt to evolving quantum capabilities.
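The hybrid design and periodic rekeying described above can be sketched as follows. This is an added example, not Apple's code and not PQ3's actual key schedule: the HKDF-SHA256 combiner, the label strings, and the constructed byte strings standing in for the Elliptic Curve and Kyber shared secrets are all assumptions.

```python
import hashlib
import hmac

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    return hmac.new(salt, ikm, hashlib.sha256).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    # RFC 5869 expand step: T(i) = HMAC(PRK, T(i-1) | info | i)
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]

def mix(chain_key: bytes, ecdh_secret: bytes, kem_secret: bytes):
    """Fold both shared secrets into the chain; return (new_chain_key, message_key)."""
    # Length-prefix each secret so the concatenation is unambiguous.
    ikm = b"".join(len(s).to_bytes(2, "big") + s for s in (ecdh_secret, kem_secret))
    prk = hkdf_extract(chain_key, ikm)
    # Labels are hypothetical; they only separate the two outputs.
    return hkdf_expand(prk, b"example chain"), hkdf_expand(prk, b"example message")

def sample(label: str) -> bytes:
    # Constructed stand-in for a shared secret both devices would agree on.
    return hashlib.sha256(b"constructed:" + label.encode()).digest()

def demo() -> dict:
    unknown = bytes(32)  # what an attacker substitutes for a secret it lacks
    ec0, pq0 = sample("ecdh-0"), sample("kem-0")
    chain1, msg1 = mix(bytes(32), ec0, pq0)
    # Initial key: knowing only one of the two secrets is not enough.
    _, only_ecdh_known = mix(bytes(32), ec0, unknown)
    _, only_kem_known = mix(bytes(32), unknown, pq0)
    # Rekeying: fresh secrets are mixed into the existing chain key.
    chain2, msg2 = mix(chain1, sample("ecdh-1"), sample("kem-1"))
    # A stolen chain1 without the fresh secrets does not yield the next key.
    _, stale_attempt = mix(chain1, unknown, unknown)
    return {
        "needs_both_secrets": msg1 not in (only_ecdh_known, only_kem_known),
        "recovers_after_compromise": msg2 != stale_attempt,
        "keys_rotate": msg1 != msg2 and chain1 != chain2,
    }

if __name__ == "__main__":
    print(demo())
```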
Apple has published a security analysis of the iMessage PQ3 protocol that focuses on so-called game-based proofs. The analysis shows that PQ3 provides confidentiality with forward secrecy and post-compromise security against both classical and quantum adversaries, in both the initial key exchange and the continuous rekeying phase of the protocol.
"The iMessage PQ3 protocol is a well-designed cryptographic protocol for secure messaging that uses state-of-the-art techniques for end-to-end encrypted communication," says Professor Douglas Stebila. "In my analysis using the reductionist security methodology, I confirmed that the PQ3 protocol provides post-quantum confidentiality, which can give users confidence in the privacy of their communication even in the face of potential improvements in quantum computing technology."
Apple also published a formal analysis of the iMessage PQ3 Messaging Protocol in which David Basin, Felix Linker, and Ralf Sasse present a detailed formal model of the protocol, a precise specification of its fine-grained security properties, and machine-checked proofs using the Tamarin prover.
Support for PQ3 will start to roll out with the public releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4, and is already in the developer preview and beta releases. iMessage conversations between devices that support PQ3 are automatically ramping up to the post-quantum encryption protocol. As Apple gains operational experience with PQ3, it expects to fully replace the existing protocol within all supported conversations this year.