The messaging app iMessage was subjected by Apple to an important restyling operation from the point of view of security and privacy.
As well as the competitor SignalIn fact, the application will protect its messages through two distinct techniques crittografia end-to-end. The new technique applied to content, known as PQ3 encryptionis the practical implementation of a new algorithm known as Cyber. This, compared to the other algorithms used so far on iMessage, is even more difficult for potential attackers to decipher.
The changes made by Apple follow, five months later, the implementation of Signal Foundation on the “competing” app. Just like iMessage, in fact, Signal has added Kyber to X3DHthe algorithm he used previously.
iMessage like Signal: here is the Kyber algorithm
End-to-end encryption is a now widespread protection technique that makes it impossible for anyone other than the sender and recipient of a message to read it.
Despite this, this data defense system has recently been put to the test by the application ofquantum computing, which can force encryption and make it useless. In this sense, a future market debut of quantum computers could spell the end of today’s cryptography.
A common estimate is that in the future a quantum computer with 20 million pounds (the unit that measures computing power) will be able to decipher a single 2,048-bit RSA key in about eight hours. A real “assist” for i cybercriminali.
The moves by Apple and Signal aim to defend themselves from this more or less imminent future by using Kyber, one of many PQC algorithms currently approved by National Institute of Standards and Technology.
This algorithm is still relatively new but the application by two important messaging apps such as iMessage and Signal demonstrates how its combination with previous techniques can guarantee (at least for a few years) a certain level of security for users.
Another new feature to make messages more protected
However, Apple did not limit itself to this introduction, although very important.
The messaging application, in fact, involved the introduction of dynamic cryptographic keys, which will now be applied dynamically to individual messages and not to the entire discussion. This means that, even in the event of intrusion, the cybercriminal will have to individually decrypt each message sent and received by the user, encountering significant operational difficulties.
Also in this case, Apple was inspired by Signal, which has long adopted a protocol signature known as ratcheting.