Apple's messaging app is one of the applications that continues to evolve until it reaches new security standards, to the point that today iMessage is the most secure messaging application. And all this comes from an innovation, the PQ3 protocol, which aims to lay the foundations for security in messaging applications.
In this post, we invite you to share with us a little more about why iMessage is the most secure messaging application and the benefits that PQ3 brings with itself.
What is this PQ3?
A summary of how PQ3 works
PQ3 is a post-quantum cryptographic protocol that Apple has developed for improve iMessage security, which seeks to improve the end-to-end encryption of the app itself, providing stronger security against cyber attacks, even those powered by quantum computers, which tend to be highly powerful and sophisticated, as indicated in AppleResearch.
Although sophisticated quantum computing attacks are not yet a widespread threat today (more than anything, due to the lack of hardware and specific development), the Cupertino company is preparing for a future where criminals try to undo current encryption standards and iMessage security layers with the help of computers capable of doing large amounts of calculations without breaking a sweat.
To mitigate the risks of future quantum computers, the crypto community has been working on post-quantum cryptography (PQC), the new public key algorithms that provide the building blocks for secure quantum protocols but don't require a quantum computer to operate and that Apple has brought directly to iMessage creating what they called Security Level 3 security (PQ3, for friends)
What is Quantum Computing?
Quantum computing is an emerging technology that has the potential to solve classical mathematical problems in fundamentally different ways and thus, in theory, do so fast enough to threaten the security of end-to-end encrypted communications, which basically translates into making calculations quickly and accurately with a quantum computer.
A quantum computer is a type of computer that uses the principles of quantum mechanics to process and store information. Unlike classical computers, which use bits to represent information in the form of zeros and ones, quantum computers use qubits, which are units of quantum information.
These quantum properties allow quantum computers to perform certain calculations much more efficiently than classical computers in certain tasks, such as the factorization of large numbers, combinatorial optimization, and the simulation of quantum systems, something that, like everything in life, can be used to breach current passwords and security protocols that have been created with the “bits” in mind.
And what security does WhatsApp offer?
We cannot say that WhatsApp uses a bad security protocol, because that would be a lie. WhatsApp also uses an end-to-end encryption protocol, but instead of PQ3, it uses the Signal, which is relatively different and was a standalone app for a long time.
Like iMessage, WhatsApp uses end-to-end encryption, which means only you and the person you're communicating with can read or hear what's being sent, and no one else, not even WhatsApp. With that end-to-end encryption, Your messages are secured with a padlock, and only you and the recipient have the special key needed to unlock and read them. And all this happens automatically: you don't need to activate any special settings to secure your messages
This protocol is one of the best encryption protocols available today and although it does not reach the PQ3 standard, It does not have to mean that it is obsolete, although Signal is not ready for quantum computing.
So… is iMessage the most secure app for using PQ3?
In my humble opinion, we are going to play with similes to be able to talk about PQ3 and I think I have an example from day to day that comes closest to explaining that although it is an important innovation, Nor should it be the reason for us to stop using WhatsApp, Telegram or similar.
Recently I decided to change the door of my house and discovered the world of «door security levels», a tedious little world where construction materials, forms of installation and in general, the resistance of the door to violent attacks will guarantee a level, marking a good security level from Level 3 until you reach 5.
If what you are looking for is maximum security and you are willing to pay for it, Level 5 is the most logical, without a doubt. Although really, for a property that usually has bustle and neighbors, with a Level 3 door (which are considerably cheaper) you would be covered.
That does not mean that 30 years from now that door will continue to be the limit of efficiency, but what is clear is that today, for the security standards we set, it is more than enough.
PQ3: a powerful standard, but for a future that is not around the corner
The same thing happens with PQ3: It is a super robust standard designed for the not too distant future, although it is not totally imminent either.. How great is it to already have that degree of protection? I'm not saying no, but in a world where quantum computing is something residual that is not expected on a massive scale and even less so by cyber attackers, perhaps abandoning safe alternatives like WhatsApp for this reason is not the most reasonable thing to do. .
In any case, from iPhoneA2 we applaud Apple's courage in launching something totally new and encourage it on the path to continue breaking what exists on the market. Who knows? Perhaps tomorrow computing will be closer than ever and PQ3 will be the standard that defines the future of cybersecurity for our messaging. But what we do know today is that without a doubt iMessage is the most secure messaging application.