iMessage is set to receive a major security upgrade as Apple plans to introduce a “post-quantum encryption protocol” called PQ3.
These are some five-dollar words, but what do they mean? In short, PQ3 is a new type of encryption technology that can locally generate encryption keys for iMessage text on iPhone. The text is sent to Apple's servers where a new key is generated and sent back to the device. So, if a hacker somehow gains access to one of these messages, they won't be able to use its key to access your conversation. The locks have been changed, so to speak. This is the essence of PQ3. A post on Apple's Security Research Blog goes into more detail. For the sake of brevity, we'll keep things short. But the details talk about the encryption behind everything, how rekeying works, and the “stuffing” process, as well as comprehensive reviews conducted by cybersecurity experts.
The next threat
The reason Apple is doing all this is to protect its service from future threats, specifically “evolving quantum.” [computing] Attacks.” Such attacks will not be widespread in 2024, as there are no computers capable of bypassing sophisticated modern encryption techniques – yet. Security experts have sounded the alarm, warning companies around the world of an event known as “Q-Day.” This is where a quantum computer powerful enough to crack the Internet's encryption and security systems is built. And Apple decided to listen.
The average hacker probably won't have access to this type of technology, but it may be found in the hands of a foreign adversary. Apple is particularly concerned about an attack scenario called “harvest now, decrypt later” (also known as store now, decrypt later) which sees hackers collect as much encrypted data as possible, then sit on that trove of information until it comes… The day quantum computers are powerful enough to breach security.
Edge above the competition
PQ3 support is scheduled to launch with “general releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4.” Apple covers all its bases here. The company claims that enhanced protection is now available on the current developer build and beta, but that may not be the case. We haven't seen people talking about receiving PQ3 on social media or reports from other publications detailing their experiences except for a brief mention from MacRumors. The patch may be rolled out to more people soon.
When PQ3 officially launches, it could give iMessage a huge advantage over other messaging platforms. Apple, in its blog post, boasts that its service has Level 3 security because it has PQC (post-quantum cryptography) protection. To put that into perspective, WhatsApp is tier one because it has end-to-end encryption but is vulnerable to quantum computing attacks. The Signal is Level 2 because it has PQC even though it lacks the major update mentioned earlier. There are plans to improve PQ3 further by implementing so-called PQC authentication.
We reached out to Apple to ask what this means and when people can expect the PQ3 to be released. This story will be updated later.
In the meantime, check out TechRadar's roundup of the best iPhones of 2024.
You may also like
