iOS 17.4 is getting a major iMessage security upgrade to thwart quantum computing attacks

iMessage on an iPhone
(Image credit: Tom's Guide)

When iOS 17.4 becomes publicly available in March, the best iPhones are getting a major security upgrade to protect them from attacks carried out using quantum computers. Yes, Apple is that forward thinking.

It may be known for its cross-device functionality and the fact that it lets you send text messages for free over Wi-Fi, but Apple’s iMessage is actually one of the best encrypted messaging apps available. Long before the launch of Signal, Apple was providing iPhone and Mac users with end-to-end encrypted chats by default, all the way back in 2011 when iMessage was first released.

Over the years, the iPhone maker has significantly upgraded the cryptography used by iMessage to make the service more secure. For instance, back in 2019, Apple switched its cryptographic protocol from RSA (Rivest–Shamir–Adleman) to Elliptic Curve. The company then added Secure Enclave to the service to make it even more difficult to extract encryption keys from your iPhone.

Now though, Apple is taking iMessage to the next level by adding post-quantum cryptography (PQC). Here’s everything you need to know about this new cryptographic protocol and how it will keep your iMessage chats safe from hackers for years to come.

Harvest now, decrypt later

A hacker typing quickly on a keyboard

(Image credit: Shutterstock)

Despite recent advances, quantum computers are still in their infancy but companies around the world are working to make them a reality. According to McKinsey, a quantum computer able to “function at scale” might “not be viable before 2040” or even later. Still though, businesses are making preparations for a post-quantum world right now.

The reason for this is because of an attack scenario known as “Harvest Now, Decrypt Later” which could be used by hackers and other cybercriminals. As a result of a steep decrease in data storage costs, hackers can collect loads of encrypted data now and store this data until they’re able to decrypt it a later time using a quantum computer. 

Unlike a classical or traditional computer, quantum computers will have no trouble at all breaking today’s cryptographic standards because of their increased processing power. As such, if messages were encrypted using the best protocols available today, there’s a high chance their contents could be decrypted using a quantum computer in the future.

This is why the cryptographic community has been hard at work developing post-quantum cryptography (PQC). These new public key algorithms are designed to provide the building blocks for future, quantum-secure protocols. However, they don’t require a quantum computer to run.

Recently, Signal added support for the PQXDH protocol while Apple has developed its own cryptographic protocol called PQ3 which offers the strongest protection against quantum attacks to date. While you will have to wait some time before you can get your hands on a quantum computer, support for Apple’s PQ3 will roll out next month with the public release of iOS 17.4, iPadOS 17.4, macOS 14.4 and watchOS 10.4. In fact, this new cryptographic protocol is already being tested in Apple’s developer previews  and beta releases.

Once the company gains “operation experience” with PQ3 on a global scale with iMessage, this new protocol will replace the existing one in all supported conversations later this year.

The time to prepare for a post-quantum world is now

iOS 17 messages new plus button

(Image credit: Future)

It may seem a bit strange that Apple is currently worried about the quantum attacks of the future but these concerns are shared by other large companies too. Plus, now that it's rolling out PQ3 support on its devices, other companies will follow suit with their own quantum-proof protocols.

Quantum computers have the potential to change our world even more so than the launch of ChatGPT two years ago now. For example, even the best password managers will have a hard time protecting your credentials unless they follow a similar path to Apple. If breaking powerful cryptographic protocols is this easy for a quantum computer, just imagine how quickly one could gain access to your passwords.

We’ll have a chance to test out PQ3 for ourselves once iOS 17.4 becomes available but as of now, we don’t yet know how or even if this new cryptographic protocol will change the way in which you use iMessage. It likely won’t though and will probably take the form of a background update designed to make your chats on iPhone more secure without changing what works.

More from Tom's Guide

TOPICS
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.