Apple has rolled out an update to iMessage encryption, the likes of which includes post-quantum protections that the company calls the “most significant cryptographic security upgrade” in the messenger’s history.
In a blog post published Wednesday, Apple announced the arrival of PQ3, a new encryption protocol designed to seriously enhance the messenger’s security. Since its launch in 2011, iMessage has offered end-to-end encryption—which is a nice thing to have if you want to keep your chats private. It’s also not something every messenger on the web provides. That said, Apple’s encryption hasn’t always been as secure as it should be. With the latest update, Apple claims your messages will now be more secure than ever. So secure, in fact, that Apple has invented a whole new level of security—what it calls “Level 3”—to distinguish the unparalleled protections your iPhone conversations will enjoy.
The blog states:
With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach what we call Level 3 security — providing protocol protections that surpass those in all other widely deployed messaging apps. To our knowledge, PQ3 has the strongest security properties of any at-scale messaging protocol in the world.
Apple apparently feels so confident about this assessment of unparalleled protection that it’s provided a diagram showing how iMessage now outranks other messengers, including the popular privacy app Signal:
In short: This is good news, overall. Any additional layer of protection you can add to your digital life is a win. That said, it’s easy to find Apple’s new “post-quantum” protections sorta funny since quantum computers don’t really exist yet. Indeed, while governments and large companies like Google are currently racing to develop them, fully functional quantum machines have not materialized yet. Scientists seem confident that they will, eventually, arrive. When they do, experts contend they’ll totally upend our way of life, leading to breakthroughs in everything from science and medicine to mathematics.
Notably, quantum computers will likely be able to break current public-key encryption algorithms, thus unlocking much of the internet—which is currently protected by public-key systems. There is some speculation that quantum-related attacks are already occurring—so-called “harvest now, decrypt later” attacks, in which a sophisticated hacker may hoover up vast amounts of encrypted data in the hopes of later using a quantum machine to decrypt it.
Apple’s new protocol is designed to protect against these kinds of attacks. It’s fueled by a “post quantum secure” algorithm known as Kyber, which was developed by researchers associated with the National Institute for Technology and Standards (NIST), the organization that has been at the forefront of encrypted protocol development for years. It’s worth noting that not all of NIST’s post-quantum algorithms have been found to be secure; that said, in general, they’re thought to be much more secure than current public-key systems which are, themselves, pretty damn secure.
Apple isn’t the only one rolling out post-encryption protections. Last summer it was reported that Google was working on post-quantum encryption standards to protect Chrome users from the same hypothetical hackers of the future. A list of other notable companies have agreed to foster the development of similar protections in their products and platforms.