Apple have announced a new messaging protocol called PQ3, a major cryptographic security update for iMessage. This new protocol, described as the first of its kind to achieve Level 3 security, offers enhanced encryption that is resilient to quantum attacks, making it the most secure at-scale messaging protocol globally. Let’s break down the key elements of PQ3:
Post-Quantum Encryption: PQ3 integrates a new type of encryption key based on the Kyber post-quantum public keys algorithm, which has been adopted by NIST as the standard for Module Lattice-based Key Encapsulation Mechanism (ML-KEM).
Initial Key Establishment and Rekeying Mechanism: The protocol includes a novel approach to initial key establishment and introduces a periodic post-quantum rekeying feature which can rectify any potential key compromise by generating new encryption keys that are independent of past keys, thus maintaining secure conversations.
Hybrid Cryptographic Design: PQ3 employs a hybrid design that merges traditional Elliptic Curve cryptography with its new post-quantum encryption methods. This design is additive, meaning that breaching PQ3’s security would require overcoming both classical and post-quantum cryptographic challenges.