Apple are introducing new security to their iMessage service in the form of the PQ3 protocol, an end-to-end encrypted messaging protocol designed for exchanging data in long-lived sessions between two devices (e.g., chats with your friends). Why is this interesting? Well, it’s because it uses “Kyber”, an algorithm selected by the National Institute of Standards and Technology (NIST) as one of its post-quantum security standards.
What Is Post-Quantum Security?
First things first. Post-quantum security refers to cryptographic principles and practices designed to secure communications and data against the potential future threat posed by quantum computers. Traditional cryptographic systems, including the algorithms that secure today’s internet communications of all kinds (banking, shopping and messaging among them), rest on mathematical problems that are hard to solve with classical computers but could be solved easily with quantum computers. Quantum computers operate on the principles of quantum mechanics, allowing them to process information in ways fundamentally different from classical computers. While large-scale quantum computers capable of breaking these current cryptographic systems are not yet a reality, the potential for their development poses a significant threat to contemporary security measures.
With this threat in mind, organisations are beginning to think about switching to post-quantum cryptography (PQC). There are a number of drivers for this significant change in the way that the online world will work. These include:
Secrecy: Many current encryption systems do not offer forward secrecy against future quantum attacks, meaning that all previously encrypted communications could potentially be decrypted if the encryption keys are ever broken, undermining the confidentiality of all communications.
Stability: The global financial system relies on cryptography to secure transactions and protect sensitive data. Quantum computing could undermine these protections, exposing economies to potential destabilisation.
Privacy: Individual privacy depends significantly on strong cryptographic standards. You can have security without privacy, as the old saying goes, but you can’t have privacy without security. Without quantum-resistant encryption, personal data, communications and other private information could become accessible to adversaries equipped with quantum computing technology.
To address these challenges, researchers and organisations are actively working on developing post-quantum cryptography (PQC) standards. These new cryptographic algorithms aim to be secure against both classical and quantum computational attacks, ensuring the continuity of secure digital communications and data storage into the quantum era. NIST, with other international bodies, is leading efforts to standardise post-quantum cryptographic algorithms.
Kyber, used by Apple, is one of these algorithms. Technically it is a key encapsulation mechanism (KEM) designed to resist attacks by future quantum computers. It is used to establish a shared secret between two communicating parties without an attacker who can observe the channel being able to recover it. A detailed analysis of the protocol from the University of Waterloo shows that PQ3 provides confidentiality with forward secrecy and post-compromise security against both classical and quantum adversaries, in both the initial key exchange and the continuous rekeying phase of the protocol.
In other words, it’s pretty secure.
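To make the KEM idea concrete: the receiver publishes a public key, the sender encapsulates a fresh secret under it and transmits only a ciphertext, and the holder of the matching secret key decapsulates the same secret, while an observer who records the public key and ciphertext is left with a lattice problem. The Python below is an added teaching model, not code from Apple, Signal, NIST or the Kyber authors. It keeps the module-LWE structure and the Kyber-512 shape (n=256, q=3329, k=2, eta=2) but omits the NTT, ciphertext compression and the Fujisaki-Okamoto transform that the standardised ML-KEM includes, so it demonstrates the flow only and provides no real security.

```python
# Toy Kyber-style key encapsulation mechanism (KEM), added for illustration.
# Not code from Apple, Signal, NIST or the Kyber/ML-KEM authors: it keeps the
# module-LWE structure and Kyber-512 parameters for shape only and drops the
# NTT, compression and Fujisaki-Okamoto transform, so it is NOT secure.
import hashlib
import secrets

N, Q, K, ETA = 256, 3329, 2, 2   # ring degree, modulus, module rank, noise width


def poly_add(a, b):
    return [(x + y) % Q for x, y in zip(a, b)]


def poly_sub(a, b):
    return [(x - y) % Q for x, y in zip(a, b)]


def poly_mul(a, b):
    """Schoolbook product in Z_q[x]/(x^N + 1): x^N wraps around to -1."""
    res = [0] * (2 * N)
    for i, ai in enumerate(a):
        if ai:
            for j, bj in enumerate(b):
                res[i + j] += ai * bj
    return [(res[i] - res[i + N]) % Q for i in range(N)]


def sample_uniform():
    """Public matrix entries: uniformly random coefficients in [0, Q)."""
    return [secrets.randbelow(Q) for _ in range(N)]


def sample_small():
    """Secret/noise entries: centered binomial, each coefficient in [-ETA, ETA]."""
    return [(bin(secrets.randbits(ETA)).count("1")
             - bin(secrets.randbits(ETA)).count("1")) % Q for _ in range(N)]


def vec_add(u, v):
    return [poly_add(a, b) for a, b in zip(u, v)]


def dot(u, v):
    """Inner product of two length-K vectors of polynomials."""
    acc = [0] * N
    for a, b in zip(u, v):
        acc = poly_add(acc, poly_mul(a, b))
    return acc


def mat_vec(m, v):
    return [dot(row, v) for row in m]


def transpose(m):
    return [[m[j][i] for j in range(K)] for i in range(K)]


def encode(msg):
    """32-byte message -> polynomial with coefficients 0 or round(Q/2)."""
    bits = [(byte >> i) & 1 for byte in msg for i in range(8)]
    return [bit * ((Q + 1) // 2) for bit in bits]


def decode(poly):
    """Round each coefficient back to the nearest of {0, Q/2} and repack the bits."""
    bits = [round(2 * c / Q) % 2 for c in poly]
    return bytes(sum(bits[8 * i + j] << j for j in range(8)) for i in range(32))


def keygen():
    """Receiver publishes (A, b = A·s + e) and keeps s; finding s from b is an LWE problem."""
    A = [[sample_uniform() for _ in range(K)] for _ in range(K)]
    s = [sample_small() for _ in range(K)]
    e = [sample_small() for _ in range(K)]
    b = vec_add(mat_vec(A, s), e)
    return (A, b), s


def encaps(pk):
    """Sender: choose a random 32-byte m, hide it under pk, return (ciphertext, secret)."""
    A, b = pk
    m = secrets.token_bytes(32)
    r = [sample_small() for _ in range(K)]
    e1 = [sample_small() for _ in range(K)]
    e2 = sample_small()
    u = vec_add(mat_vec(transpose(A), r), e1)           # u = Aᵀ·r + e1
    v = poly_add(poly_add(dot(b, r), e2), encode(m))    # v = b·r + e2 + encode(m)
    return (u, v), hashlib.sha3_256(m).digest()


def decaps(sk, ct):
    """Receiver: v - s·u = encode(m) + small noise, so rounding recovers m."""
    u, v = ct
    m = decode(poly_sub(v, dot(sk, u)))
    return hashlib.sha3_256(m).digest()


def run_exchange():
    """One full KEM round; returns (sender secret, receiver secret, public transcript)."""
    pk, sk = keygen()
    ct, ss_sender = encaps(pk)
    ss_receiver = decaps(sk, ct)
    return ss_sender, ss_receiver, (pk, ct)


if __name__ == "__main__":
    a, b, _ = run_exchange()
    print("shared secrets match:", a == b)
```

Running it shows the two 32-byte secrets agreeing; everything an eavesdropper sees (A, b, u, v) is public, and the secret is only reachable by solving for s. The standardised ML-KEM (the NIST name for Kyber) additionally re-encrypts inside decapsulation and binds the ciphertext into the derived secret so that tampered ciphertexts leak nothing, which is what lets a protocol like PQ3 lean on it for the long-lived sessions described above.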
It’s not only Apple moving in this direction. Signal, a widely used messaging service (whose protocol is used by other services as well), introduced post-quantum cryptography last year. Their new protocol (known as PQXDH) is already in the Signal client applications, and they say that in a few months’ time they will disable their old protocol and require post-quantum key agreement for all new chats.
So if Apple and Signal are shifting to post-quantum security, it’s probably time for fintechs to look in that direction too. While working quantum computers capable of breaking today’s security may be a few years away, they will undoubtedly be here one day. Bruce Schneier, a leading expert in the field (and someone who I always listen to on such matters) says that now is probably the right time to worry about, and defend against, attackers who are storing encrypted messages in hopes of breaking them later on future quantum computers.
(In other words, an enemy could harvest your data and then tuck it away safely until a quantum computer comes out a decade from now, when they can then get access to your data.)
Why Change?
If you provide critical infrastructure — such as power grids, transit systems or financial services — then you already rely on cryptography and you need to develop a post-quantum security strategy, starting with assessing the risk and understanding which assets are most vulnerable to quantum attacks. This way, you can prioritise the integration of quantum-resistant algorithms. You might also want to think about training cybersecurity personnel in post-quantum cryptography concepts and techniques to be ready for future implementations.
There is no need to panic. Your organisation does not need to switch to post-quantum cryptography tomorrow. However, a good post-quantum security strategy is a sound basis for ensuring the resilience of your services against future quantum threats, so you should probably start work on one tomorrow.