iMessage gets a major makeover that puts it on equal footing with Signal

iMessage is getting a major cryptographic overhaul that puts it alongside Signal as one of the two mainstream messaging apps best prepared for the eventual arrival of a cryptographically relevant quantum computer. Apple announced on Wednesday that iMessage conversations will be protected by two layers of end-to-end encryption (E2EE) rather than one. The new protocol, called PQ3, adds Kyber, a post-quantum key-encapsulation algorithm built on lattice problems that are believed to resist attack by quantum computers. Crucially, Apple is not swapping out the existing elliptic-curve key agreement, which is secure against today's computers but would fall to a large enough quantum computer; it is layering Kyber on top of it in a hybrid construction, so an attacker would have to break both the elliptic-curve layer and the Kyber layer to recover a message.

These changes to iMessage come not long after the Signal Foundation updated its open Signal Protocol for the post-quantum era. Signal took the same hybrid approach: it added Kyber to its existing X3DH key agreement, producing what it now calls PQXDH. Both apps have long offered E2EE, meaning a message can be read only on the sender's and recipient's devices and not by the service operator or anyone intercepting traffic; iMessage shipped with E2EE in 2011, and Signal has offered it since the app launched in 2014.

Quantum computing is a looming threat to public-key cryptography in particular. Key agreement and signature schemes such as RSA and elliptic-curve Diffie-Hellman rest on mathematical problems (integer factoring and discrete logarithms) that are intractable for conventional computers but that a sufficiently large quantum computer running Shor's algorithm could solve quickly. Nobody knows when, or whether, such a machine will exist, but the cryptographic community treats it as a real enough prospect to act now, in part because an adversary can record encrypted traffic today and decrypt it once a quantum computer becomes available (a "harvest now, decrypt later" attack). Apple's and Signal's hybrid designs defend against that by making Kyber, one of the post-quantum algorithms the National Institute of Standards and Technology has selected for standardization, part of the key agreement while keeping the classical algorithm in place.

The iMessage upgrade also adds automatic key refreshing, or ratcheting, which limits the damage a compromised key can do. Rather than protecting an entire conversation with one key, the protocol derives fresh keys as messages are exchanged, so a key an attacker manages to obtain unlocks only a narrow window of traffic instead of the whole history and future of the conversation. Apple's design borrows from Signal's Double Ratchet: Elliptic-curve Diffie-Hellman exchanges feed fresh secrets into the key derivation as the conversation progresses, and PQ3 adds a parallel post-quantum ratchet based on Kyber. Because Kyber public keys and ciphertexts are far larger than their elliptic-curve counterparts, the post-quantum rekeying runs less often than the elliptic-curve one.
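As an added illustration of the two ideas above, the hybrid combination of a classical and a post-quantum secret and the ratchet that refreshes keys, the following Python is not Apple's PQ3 or Signal's code and uses only the standard library. A toy finite-field Diffie-Hellman over a 127-bit prime stands in for ECDH, and an opaque 32-byte secret stands in for the output of a KEM such as Kyber; the group, the HKDF labels and the function names are assumptions chosen for illustration and are not secure parameters.

```python
"""Hybrid root key plus Signal-style ratchet (illustrative, stdlib only)."""
import hashlib
import hmac
import os

# Toy classical layer: finite-field Diffie-Hellman over the Mersenne prime
# 2**127 - 1 stands in for ECDH. ASSUMPTION for illustration only; this group
# is far too small to be secure. The post-quantum layer is modelled as an
# opaque 32-byte shared secret, the kind of output a KEM such as Kyber gives.
P = 2**127 - 1
G = 5


def hmac_sha256(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-SHA256 as in RFC 5869: extract a PRK, then expand to `length` bytes."""
    prk = hmac_sha256(salt, ikm)
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac_sha256(prk, block + info + bytes([counter]))
        out += block
        counter += 1
    return out[:length]


def dh_keygen() -> tuple[int, int]:
    priv = int.from_bytes(os.urandom(16), "big") % (P - 2) + 2
    return priv, pow(G, priv, P)


def dh_shared(priv: int, peer_pub: int) -> bytes:
    return pow(peer_pub, priv, P).to_bytes(16, "big")


def hybrid_root_key(classical_ss: bytes, pq_ss: bytes, label: bytes) -> bytes:
    """Combine the two layers. HKDF runs over the concatenation, so knowing
    only the classical secret (e.g. after a quantum break of ECDH) yields
    nothing about the root key: both inputs are needed."""
    return hkdf(classical_ss + pq_ss, salt=b"\x00" * 32, info=label)


class Ratchet:
    """One sending chain. next_message_key() is the symmetric ratchet
    (Signal's 0x01/0x02 constants); rekey() is the root-key step that the
    DH and post-quantum ratchets feed with fresh shared secrets."""

    def __init__(self, root_key: bytes):
        self.root_key = root_key
        self.chain_key = hkdf(root_key, b"\x00" * 32, b"chain")

    def next_message_key(self) -> bytes:
        mk = hmac_sha256(self.chain_key, b"\x01")
        # HMAC is one-way, so the discarded chain key (and earlier message
        # keys) cannot be recovered from the new one: forward secrecy.
        self.chain_key = hmac_sha256(self.chain_key, b"\x02")
        return mk

    def rekey(self, fresh_ss: bytes) -> None:
        out = hkdf(fresh_ss, salt=self.root_key, info=b"root", length=64)
        self.root_key, self.chain_key = out[:32], out[32:]


def establish(pq_ss: bytes) -> tuple[bytes, bytes, bytes]:
    """Both parties derive the same root key from DH plus the PQ secret.
    Returns (alice_root, bob_root, classical_ss) so a caller can check that
    classical_ss alone does not reproduce the root key."""
    a_priv, a_pub = dh_keygen()
    b_priv, b_pub = dh_keygen()
    label = b"hybrid-demo-root"
    a_root = hybrid_root_key(dh_shared(a_priv, b_pub), pq_ss, label)
    b_root = hybrid_root_key(dh_shared(b_priv, a_pub), pq_ss, label)
    return a_root, b_root, dh_shared(a_priv, b_pub)


def compromise_demo() -> tuple[bool, bool, bool]:
    """Attacker learns the chain key right after message 2. Returns
    (keys differ per message, attacker derives key 3, attacker fails on key 4)."""
    r = Ratchet(b"\x11" * 32)
    k1, k2 = r.next_message_key(), r.next_message_key()
    leaked = r.chain_key                                # point of compromise
    k3 = r.next_message_key()
    attacker_k3 = hmac_sha256(leaked, b"\x01")          # no fresh secret yet: attacker keeps up
    r.rekey(os.urandom(32))                             # DH/PQ ratchet step the attacker did not see
    k4 = r.next_message_key()
    attacker_k4 = hmac_sha256(hmac_sha256(leaked, b"\x02"), b"\x01")  # stale chain, wrong key
    return k1 != k2, attacker_k3 == k3, attacker_k4 != k4


if __name__ == "__main__":
    a, b, css = establish(os.urandom(32))
    print("roots match:", a == b, "| classical-only guess matches:",
          hybrid_root_key(css, b"\x00" * 32, b"hybrid-demo-root") == a)
    print("per-message keys, attacker gets k3, attacker fails on k4:", compromise_demo())
```

The demo shows why the two mechanisms are complementary: the hybrid root key means a future quantum break of the elliptic-curve layer alone recovers nothing, while the ratchet means a leaked chain key exposes traffic only until the next fresh DH or Kyber secret is mixed in, after which the attacker's copy of the chain falls out of sync.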

These changes put iMessage roughly on par with Signal in post-quantum hardening and key refreshing, but important differences remain. Most notably, iMessage's default iCloud backup is not end-to-end encrypted: with the default settings Apple holds a key that can decrypt backed-up messages, which undercuts the protocol's guarantees if an attacker or a legal demand reaches Apple's servers. Users who want the full benefit of E2EE should either turn off iCloud backup of messages or turn on Advanced Data Protection, the optional iCloud setting that extends E2EE to backups. Apple also had outside cryptographers review PQ3 and publish formal security analyses, including mathematical proofs of the protocol's claimed properties.

PQ3 is already present in the developer previews and public betas and will reach everyone with the public releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4.