Apple updates iMessage encryption to make it resistant to quantum computers: here’s what it means

Apple today announced a new post-quantum encryption protocol for iMessage called PQ3. This change marks a milestone in the history of communications encryption security, providing cutting-edge protection against highly sophisticated quantum attacks.

Apple says the PQ3 protocol not only represents an advancement in end-to-end secure messaging, but also establishes a new security standard that goes beyond the protection offered by any other commercial messaging application.

Encryption that ensures today’s data can’t be deciphered even 20 years from now
Let’s put this in context. iMessage currently uses the same end-to-end encryption as the standard used in military environments. Its implementation ensures that no computer or supercomputer in the world can decrypt what is encrypted with it. This means that the conversations we have today are much more secure.

However, advances in quantum computing are ongoing and quite rapid. Eventually, these computers will be able to attempt to break encryption protocols that are currently considered unbreakable. This is where Apple is focused.

What happens if a hypothetical attacker (who, it’s worth noting, has enormous financial and technical resources) captures encrypted data today and stores it, waiting to decrypt it a few years from now when quantum computers are more advanced? That’s the question the new PQ3 protocol addresses.

The implementation of PQ3 in iMessage is a direct response to the potential threat that quantum computers pose to current cryptography. While machines that can break current encryption do not yet exist, the theoretical ability of quantum computers to solve the mathematical problems that underlie many current encryption protocols could jeopardize the security of today’s encrypted communications.

Apple describes an attack scenario known as “harvest now, decrypt later,” which involves storing encrypted data while waiting for decryption technology to develop, even years into the future. In response, the PQ3 protocol is designed to protect our data from these quantum attacks, ensuring that both initial key establishment and message exchange are fully covered.

Apple claims that PQ3 achieves what it calls “Level 3” security, which, according to the company, has not been achieved by any other commercial messaging protocol to date.

The implementation of PQ3 will begin with the March software updates to iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4, and it’s already available in the latest Beta versions of those updates. Apple plans to completely replace iMessage’s existing encryption protocol with the newly introduced PQ3 in all compatible conversations later this year.

Apple’s move certainly emphasizes the importance of anticipating future threats in the cybersecurity space. With the introduction of PQ3, Apple is setting new standards so that our communications are secure today and will remain secure when quantum computers become the norm.