Signal has announced that it upgraded its end-to-end communication protocol to use quantum-resistant encryption keys to protect users from future attacks.
Quantum computers that use qubits (superpositions of 0 and 1) have the potential to be much more powerful and faster than current systems, allowing them to perform computations that would typically take years in a short time.
While quantum computers are not a threat yet, large tech firms and other stakeholders are already preparing for their game-changing advent.
One of the threats this emerging technology poses is to weaken current encryption schemes, allowing protected data to be decrypted quickly and encrypted secrets to be exposed.
Predictions on when powerful enough quantum computers might emerge vary from 5 years to never. Nonetheless, we already face the risk of “harvest now, decrypt later,” making the adoption of quantum-resistant algorithms important.
Quantum-resistant E2EE
For communication apps, like Signal, that use end-to-end encryption to protect communication between two parties, the concern is that encrypted communications can be intercepted and deciphered to expose the contents of the communication.
Signal explains that its “X3DH” (Extended Triple Diffie-Hellman) key agreement protocol has been upgraded to “PQXDH” (Post-Quantum Extended Diffie-Hellman), which incorporates quantum-resistant secret key generation mechanisms for Signal’s end-to-end encryption (E2EE) specification.
Specifically, PQXDH uses both X3DH’s elliptic curve key agreement protocol and a post-quantum key encapsulation mechanism called CRYSTALS-Kyber.
CRYSTALS-Kyber is a NIST-approved quantum-resistant cryptographic algorithm suitable for general encryption and speedy operations that require a quick exchange of small encryption keys.
“We believe that the key encapsulation mechanism we have selected, CRYSTALS-Kyber, is built on solid foundations, but to be safe, we do not want to simply replace our existing elliptic curve cryptography foundations with a post-quantum public key cryptosystem,” explains Signal.
“Instead, we are augmenting our existing cryptosystems such that an attacker must break both systems in order to compute the keys protecting people’s communications.”
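The hybrid construction described in the two quotes above, as an added illustration that is not Signal's code and not the PQXDH specification: one Diffie-Hellman agreement and one key-encapsulation mechanism (KEM) run side by side, and both shared secrets are fed into a single key derivation function, so an attacker who recovers only one of them cannot compute the session key. The group parameters (`P`, `G`), the HKDF info string, and the hashed-ElGamal "toy KEM" standing in for CRYSTALS-Kyber are all constructed for this example; the toy group is far too small to be secure and the toy KEM is not quantum-resistant.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group, constructed for illustration only (not a secure size).
P = 2**127 - 1
G = 5


def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-SHA256 (RFC 5869) extract-then-expand, standard library only."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def dh_keygen():
    """Return (private scalar, public element) in the toy group."""
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)


def dh(sk: int, their_pk: int) -> bytes:
    """Classical Diffie-Hellman shared secret, fixed-width encoded."""
    return pow(their_pk, sk, P).to_bytes(16, "big")


# Toy KEM (hashed ElGamal over the same group). It only mimics the
# keygen/encapsulate/decapsulate interface of CRYSTALS-Kyber; it is NOT post-quantum.
def kem_keygen():
    return dh_keygen()


def kem_encaps(their_pk: int):
    """Return (ciphertext, shared secret) for the holder of their_pk."""
    r, ct = dh_keygen()
    ss = hashlib.sha256(b"toy-kem" + dh(r, their_pk)).digest()
    return ct, ss


def kem_decaps(sk: int, ct: int) -> bytes:
    return hashlib.sha256(b"toy-kem" + dh(sk, ct)).digest()


def derive_session_key(dh_secret: bytes, kem_secret: bytes) -> bytes:
    """Hybrid composition: both secrets enter one KDF, so the output depends on both."""
    return hkdf(dh_secret + kem_secret, salt=bytes(32), info=b"HybridKeyAgreement_example")


def hybrid_handshake() -> dict:
    """Run one initiator/responder exchange and return both derived keys plus the
    component secrets (exposed here only so the caller can examine them)."""
    # Responder (Bob) publishes a DH prekey and a KEM prekey, like a prekey bundle.
    bob_dh_sk, bob_dh_pk = dh_keygen()
    bob_kem_sk, bob_kem_pk = kem_keygen()

    # Initiator (Alice): ephemeral DH against Bob's DH prekey, KEM encapsulation
    # against Bob's KEM prekey, then combine both shared secrets.
    alice_dh_sk, alice_dh_pk = dh_keygen()
    kem_ct, kem_ss_alice = kem_encaps(bob_kem_pk)
    dh_ss_alice = dh(alice_dh_sk, bob_dh_pk)
    key_alice = derive_session_key(dh_ss_alice, kem_ss_alice)

    # Responder: receives alice_dh_pk and kem_ct, recomputes both secrets.
    kem_ss_bob = kem_decaps(bob_kem_sk, kem_ct)
    dh_ss_bob = dh(bob_dh_sk, alice_dh_pk)
    key_bob = derive_session_key(dh_ss_bob, kem_ss_bob)

    return {
        "key_alice": key_alice,
        "key_bob": key_bob,
        "dh_secret": dh_ss_alice,
        "kem_secret": kem_ss_alice,
    }


def one_secret_is_not_enough(result: dict) -> bool:
    """Model an attacker who broke exactly one component: with the DH secret but a
    guessed KEM secret, or the KEM secret but a guessed DH secret, the derived key
    does not match the real session key."""
    real = result["key_alice"]
    only_dh = derive_session_key(result["dh_secret"], bytes(32))
    only_kem = derive_session_key(bytes(16), result["kem_secret"])
    return only_dh != real and only_kem != real


if __name__ == "__main__":
    r = hybrid_handshake()
    print("keys match:", r["key_alice"] == r["key_bob"])
    print("breaking one component suffices:", not one_secret_is_not_enough(r))
```

The point to notice is in `derive_session_key`: the classical secret is not replaced by the KEM secret, it is concatenated with it before the KDF, which is the "augmenting" approach Signal describes. A real deployment would use X25519 and Kyber through a vetted library rather than the toy primitives here.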
Signal emphasizes that the transition to PQXDH is just the initial move toward achieving quantum-resistant E2EE.
Over the coming years, further upgrades and adaptations will be rolled out to fill data security gaps or address emerging challenges from ongoing research.