Although Apple says bad actors aren’t using quantum computing to break into your messages yet, this update aims to safeguard them.
Apple’s upcoming iOS 17.4 update adds a new security feature to iMessage that’s so futuristic that the attack strategy it’s protecting against hasn’t been developed yet. Once you download the next version of iOS, your iMessage chats will have an elevated level of encryption that Apple says can’t be broken into with quantum computers.
Quantum computing is a radically different form of processing relying on the peculiar physics laws of the ultrasmall. It’s still in its infancy, but if current progress is sustained, it’ll be able to run new algorithms that can crack conventional encryption. For that reason, security experts are concerned that malefactors will use it to peer into private communications, whether it’s you chatting with your friends or the military dispatching orders.
Apple said that it hasn’t seen this kind of attack yet — no surprise, since quantum computers powerful enough remain years away — but wanted to future-proof its iMessage platform ahead of any quantum computing break-ins, which the security community expects is likely to happen in the coming decades.
That’s important because communications data intercepted today could be cracked eventually if quantum computers fulfill their promise.
Apple says that its new PQ3 Messaging Protocol, as it’s called, will protect your messages as they travel from one device to another just like the current method of end-to-end encryption. Consumers don’t have to do anything but download the latest version of iOS to get it, and PQ3 is coming to protect iMessage on Macs, iPads and Apple Watches in MacOS 17.4, iPadOS 17.4 and WatchOS 10.4, respectively. Apple’s new visionOS for the Apple Vision Pro headset isn’t included in this initial release.
PQ3 is Apple’s first version of what the security industry calls post-quantum cryptography, which are algorithms designed for a future where quantum computing is commonplace. Privacy-focused chat app Signal announced last year that it would upgrade its Signal Protocol with a version of PQC, and Apple says its PQ3 solution is more advanced, as its protocol can restore security even if the cryptographic key (the security handshake authenticating each device in a conversation) is compromised by generating keys for each message.
To benefit from PQ3, both sender and receiver must download the new protocol, so you’ll need to convince friends and family to update their iPhones, iPads and Macs for even more secure messaging. Like the current end-to-end encryption on iMessage, PQ3 protects messages in transit, so you won’t need to worry about old conversations preupdate (those are protected on the device). So your years-old group chat is safe on everyone’s phone, tablet or computer, and any new messages will get PQ3 protection.
The National Institute of Standards and Technology is spearheading the standardization of several quantum-proof encryption technologies, an important process that can spot problems early and speed adoption. Apple is drawing on that work, the company said, but also is using a hybrid approach that maintains conventional encryption’s protections.
Google began testing a version of Chrome with post-quantum cryptography protections in 2016 and has been working with several companies to ensure the technology doesn’t break today’s internet technology.
Although quantum computing threats are still over the horizon, Apple says it’s preparing ahead of time, a precautionary legacy dating to the end-to-end encryption included in iMessage when it launched in 2011. But Apple is also concerned about another potential attack strategy called “harvest now, decrypt later.” By safeguarding iMessages now, even if they’re intercepted and stored for years, no quantum computer is expected to be developed that can crack into them down the line.
Apple is releasing PQ3 to iMessage users worldwide and has developed it efficiently so messaging won’t be slowed by larger message sizes, the company said in a blog post announcing the feature. Eventually, Apple plans to expand the protocol to some of its other software, but hasn’t shared exact details, except to say that PQ3’s rollout will continue through the rest of the year.