How Kybers and ratcheting are boosting the resiliency of Apple's messaging app:
iMessage is getting a major makeover that makes it among the two messaging apps most prepared to withstand the coming advent of quantum computing, largely at parity with Signal or arguably incrementally more hardened.
On Wednesday, Apple said messages sent through iMessage will now be protected by two forms of end-to-end encryption (E2EE), whereas before, it had only one. The encryption being added, known as PQ3, is an implementation of a new algorithm called Kyber that, unlike the algorithms iMessage has used until now, can't be broken with quantum computing. Apple isn't replacing the older quantum-vulnerable algorithm with PQ3—it's augmenting it. That means, for the encryption to be broken, an attacker will have to crack both.
The iMessage changes come five months after the Signal Foundation, maker of the Signal Protocol that encrypts messages sent by more than a billion people, updated the open standard so that it, too, is ready for post-quantum computing (PQC). Just like Apple, Signal added Kyber to X3DH, the algorithm it was using previously. Together, they're known as PQXDH.
iMessage and Signal provide end-to-end encryption, a protection that makes it impossible for anyone other than the sender and recipient of a message to read it in decrypted form. iMessage began offering E2EE with its rollout in 2011. Signal became available in 2014.
[...] Another important part of the iMessage upgrade is automatic key refreshing that happens behind the scenes. By changing the key regularly as messages pass back and forth, messengers become more resilient in the event of a compromise. When an adversary obtains a static key, all messages sent with it are subject to immediate decryption. Key refreshing in the same scenario limits what can be decrypted to only a single message or a small subset of messages.
Signal has always provided key refreshing through a signature innovation in the protocol known as ratcheting. Apple says its key refresh mechanism is modeled on ratcheting. To do this, Apple is replacing the elliptic-curve cryptography used since 2019 with Elliptic-curve Diffie-Hellman.
[...] Another difference between the two apps that privacy-minded people should remember is that, by default, iMessage backs up messages within iCloud with no E2EE. Advanced encryption will do nothing to protect users in this scenario. People should either turn off iCloud backups or turn on E2EE in iCloud. (Signal doesn't back up messages at all.)
Apple said it turned to two outside cryptography teams to verify that PQ3 is secure. Both supplied mathematical proofs, one titled Security Analysis of the iMessage PQ3 Protocol and the other A Formal Analysis of the iMessage PQ3 Messaging Protocol.
(Score: -1, Troll) by Anonymous Coward on Monday February 26, @02:20AM
That's patently false [signal.org].
Backups are unavailable on iOS, although you can migrate your messages to a different device.
But backups on Android have been a thing for years.
I get that TFA is about iMessage and, therefore geared toward iPhone users, but let's get our facts straight, eh?
(Score: -1, Flamebait) by Anonymous Coward on Monday February 26, @03:47AM (2 children)
you just need a government order, National Security Letter, five dollar wrench, rubber hose...
Oh, and do they have this in China?
(Score: 2) by Freeman on Monday February 26, @03:21PM
The 3rd and 4th bits are too time consuming. That's why they instill fear, then they can forego 1/2 the equation!
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 0) by Anonymous Coward on Tuesday February 27, @03:46AM
Flamebait
Guess I offended a Chinese moderator.
Odd (or maybe not) that nobody wants to answer the question... Don't dare expose any hypocrisy, right?
(Score: 0) by Anonymous Coward on Monday February 26, @04:01AM (4 children)
enough so the government takes interest. I'm curious to see if they can block access or shut it down, or at least crack it
(Score: 0) by Anonymous Coward on Monday February 26, @06:16AM (2 children)
Microsoft bought Skype and it became a lot more centralized.
FB bought WhatsApp. Stuff could still be E2E, just add more ends e.g. wonder whether there are extra hidden participants in WhatsApp chats and chat groups. Not saying it's happened but is it impossible?
(Score: 3, Interesting) by GloomMower on Monday February 26, @03:15PM (1 child)
zoom bought keybase :(
(Score: 0) by Anonymous Coward on Tuesday February 27, @03:54AM
(Score: 1, Informative) by Anonymous Coward on Monday February 26, @07:47AM
Make it work without a phone number, then govs will reaaally get interested.
https://freedom.press/training/secondary-signal-account/ [freedom.press]