Signal is taking proactive steps to ensure the security of its encrypted messaging platform in the face of potential quantum computing threats. The Signal Foundation, the non-profit organization behind the Signal messaging app, has announced an upgrade to its Extended Triple Diffie-Hellman (X3DH) specification. This upgrade, known as PQXDH, incorporates post-quantum cryptography to safeguard against the possibility that quantum computers could one day render existing cryptographic systems obsolete.
Quantum computing, while not an immediate threat, has the potential to break current public-key cryptography used by Signal. Quantum computers, when they reach a sufficient level of power, could theoretically compute private keys from public keys, compromising the security of encrypted messages.
Signal’s move to implement post-quantum cryptography aims to counter a strategy known as ‘harvest now, decrypt later,’ in which attackers store encrypted traffic today expecting to be able to decrypt it once the cryptography can be broken. Quantum computers are not expected to outperform classical computers at every kind of computation, but they excel at specific problems, which is what the debate around ‘quantum supremacy’ is about.
An early and well-known example of such an advantage is Shor’s algorithm, which finds the prime factors of large integers efficiently. That breaks the one-way function at the heart of cryptosystems like RSA, whose public-key security rests on factoring being infeasible.
To address these concerns, Signal has upgraded its protocol from X3DH to PQXDH. This new protocol computes a shared secret for private communication sessions using both the elliptic curve key agreement protocol X25519 and the post-quantum key encapsulation mechanism CRYSTALS-Kyber, as recommended by the US National Institute of Standards and Technology (NIST).
By combining the two shared secrets in a single key derivation, Signal adds an extra layer of security: an attacker would have to break both X25519 and CRYSTALS-Kyber to recover the resulting session secret. This hybrid approach was adopted because one of the quantum-resistant standards recommended by NIST was found to be vulnerable to classical computers.
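As an added illustration of that hybrid step (this is not Signal's code, and it simplifies the PQXDH handshake, which also involves identity keys, signed prekeys and one-time prekeys), the Go program below performs one X25519 key agreement and one ML-KEM encapsulation, then mixes both shared secrets through HKDF into a single session key. ML-KEM is the NIST-standardized form of CRYSTALS-Kyber; the article does not state a parameter set, and this example uses ML-KEM-768 because that is what Go 1.24's standard-library `crypto/mlkem` package recommends. The `crypto/hkdf` package also requires Go 1.24. The `Bundle`, `Responder`, `InitialMessage`, `combine`, `Initiate` and `Respond` names and the HKDF info string are this example's own.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/hkdf"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Bundle is the public half of Bob's prekey material: one classical key and
// one post-quantum key. (Example simplification: a real PQXDH bundle also
// carries identity keys, signatures and one-time prekeys.)
type Bundle struct {
	ECPub  []byte // X25519 public key
	KEMPub []byte // ML-KEM-768 encapsulation key
}

// Responder holds Bob's private keys matching a Bundle.
type Responder struct {
	ecPriv  *ecdh.PrivateKey
	kemPriv *mlkem.DecapsulationKey768
}

// InitialMessage is what Alice attaches to her first message so Bob can
// reconstruct the same session key.
type InitialMessage struct {
	ECPub []byte // Alice's ephemeral X25519 public key
	KEMCt []byte // ML-KEM ciphertext encapsulated to Bob's KEMPub
}

// NewResponder generates Bob's key pairs and returns the public Bundle.
func NewResponder() (*Responder, Bundle, error) {
	ecPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, Bundle{}, err
	}
	kemPriv, err := mlkem.GenerateKey768()
	if err != nil {
		return nil, Bundle{}, err
	}
	b := Bundle{ECPub: ecPriv.PublicKey().Bytes(), KEMPub: kemPriv.EncapsulationKey().Bytes()}
	return &Responder{ecPriv: ecPriv, kemPriv: kemPriv}, b, nil
}

// combine is the hybrid step: both shared secrets feed one KDF, so knowing
// only the X25519 secret or only the ML-KEM secret gives no information
// about the session key. The info string is an example-specific label.
func combine(ssEC, ssPQ []byte) ([]byte, error) {
	ikm := append(append([]byte{}, ssEC...), ssPQ...)
	return hkdf.Key(sha256.New, ikm, nil, "hybrid-x25519-mlkem768-example", 32)
}

// Initiate is Alice's side: a fresh X25519 ephemeral key plus an ML-KEM
// encapsulation to Bob's published KEM key.
func Initiate(b Bundle) (InitialMessage, []byte, error) {
	curve := ecdh.X25519()
	bobEC, err := curve.NewPublicKey(b.ECPub)
	if err != nil {
		return InitialMessage{}, nil, err
	}
	eph, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return InitialMessage{}, nil, err
	}
	ssEC, err := eph.ECDH(bobEC)
	if err != nil {
		return InitialMessage{}, nil, err
	}
	bobKEM, err := mlkem.NewEncapsulationKey768(b.KEMPub)
	if err != nil {
		return InitialMessage{}, nil, err
	}
	ssPQ, ct := bobKEM.Encapsulate()
	key, err := combine(ssEC, ssPQ)
	if err != nil {
		return InitialMessage{}, nil, err
	}
	return InitialMessage{ECPub: eph.PublicKey().Bytes(), KEMCt: ct}, key, nil
}

// Respond is Bob's side. A tampered KEM ciphertext does not fail loudly:
// ML-KEM's implicit rejection yields an unrelated secret, so the derived
// key simply will not match Alice's and the session fails closed.
func (r *Responder) Respond(m InitialMessage) ([]byte, error) {
	alicePub, err := ecdh.X25519().NewPublicKey(m.ECPub)
	if err != nil {
		return nil, err
	}
	ssEC, err := r.ecPriv.ECDH(alicePub)
	if err != nil {
		return nil, err
	}
	ssPQ, err := r.kemPriv.Decapsulate(m.KEMCt)
	if err != nil {
		return nil, err
	}
	return combine(ssEC, ssPQ)
}

func main() {
	bob, bundle, err := NewResponder()
	if err != nil {
		panic(err)
	}
	msg, aliceKey, err := Initiate(bundle)
	if err != nil {
		panic(err)
	}
	bobKey, err := bob.Respond(msg)
	if err != nil {
		panic(err)
	}
	fmt.Printf("session keys match: %v\n", bytes.Equal(aliceKey, bobKey))
}
```

The point to take from `combine` is that the two secrets are not used as alternatives; they are concatenated as HKDF input, so the output is unpredictable unless an attacker has both. Recovering the X25519 secret alone (the quantum scenario) or the ML-KEM secret alone (should the lattice scheme turn out weaker than hoped) leaves the session key protected by the other.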
It’s important to note that Signal’s PQXDH protocol is primarily designed to protect against the ‘harvest now, decrypt later’ scenario and does not provide a defense against active quantum attackers. In other words, it won’t stop a malicious server with access to a quantum computer from generating new key pairs and intercepting encrypted communications.
The new quantum-resistant protocol has already been integrated into Signal’s latest versions, ensuring that users can continue to communicate securely in a world where quantum computing capabilities are evolving.