iMessage is getting a major security upgrade that will make it resistant to advanced quantum threats, Apple announced on Wednesday.
The new post-quantum cryptographic protocol — dubbed PQ3 — introduces “compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks,” Apple said. This will make iMessage more secure than other widely used messaging apps.
PQ3 represents a significant step in cryptographic security. According to Apple, it “advances the state of the art of end-to-end secure messaging.”
Security experts have since warned that powerful quantum computers would easily crack the encryption protocols widely used today. While we’re still years away from quantum computers being available to the general public, threat actors are already preparing to use them for nefarious purposes.
In June 2023, NordVPN warned about Harvest Now, Decrypt Later attacks, where cybercriminals breach systems and steal loads of encrypted sensitive data. This data is then stored until quantum computers are available and the trove of data can be decrypted.
Apple said PQ3 will be rolled out to the public with the upcoming iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4 update — expected in March. It’s currently available in developer preview and beta releases. Apple plans to replace iMessage’s current encryption protocol with PQ3 this year.
iMessage Is Now More Secure Than Other Messaging Apps
“PQ3 is the first messaging protocol to reach what we call Level 3 security,” Apple said, setting a new standard beyond the end-to-end encryption (E2EE) used by most messaging platforms.
PQ3 — presumably Post-Quantum Level 3 — uses the Kyber post-quantum algorithm, selected by NIST (the U.S. National Institute of Standards and Technology). To put things into perspective, Apple provided an illustration showing the security levels of messaging apps:
- Level 0: No E2EE by default: QQ, Skype, Telegram, and WeChat fall into this category.
- Level 1: Basic E2EE: Line, Viber, and WhatsApp are in this category
- Level 2: Post-quantum ready (PQC) encryption: Signal
- Level 3: Superior to all previous levels: PQ3 puts iMessage in this category
PQ3 is Apple’s attempt to make iMessage future-proof. The company hinted at the continued development of the PQ3 protocol to make it resistant to new threats.
“I’m surprised by the level of investment and timing of this. I wonder if it’s a risk-avoidant “we have to do it eventually, might as well do now” or if Apple has indications that the quantum crypto apocalypse is closer than I had thought,” a Reddit user remarked.
How to Protect Your Apps From Unauthorized Access
Even with an advanced encryption protocol like PQ3, bad cybersecurity practices can put your privacy at risk. Regardless of which messaging app you’re using, there are several ways to protect your messages from hackers and other third parties.
For example, you must use strong passwords, activate multi-factor authentication, and take advantage of the privacy settings of each app. Besides these basic cybersecurity practices, we strongly recommend using a virtual private network (VPN) like NordVPN to add an extra layer of encryption to your internet traffic and shield your data.
For more news, follow us on X (Twitter), Threads, and Mastodon!
