Security News > 2023 > September > Signal takes a quantum leap with E2EE protocol upgrade

Signal has announced an upgrade to its end-to-end encryption protocol to protect users of its popular messaging app from encryption-breaking attacks through quantum computers.

"Quantum computing represents a new type of computational system which leverages quantum mechanical properties to solve certain complex problems many orders of magnitude more quickly than modern classical computers. Instead of bits as in a classical computer, quantum computers operate on qubits," explained Ehren Kret, CTO at Signal.

"If a sufficiently powerful quantum computer were built in the future, it could be used to compute a private key from a public key thereby breaking encrypted messages. This kind of threat is known as Harvest Now, Decrypt Later," Kret noted.

To advance quantum resistance for the Signal Protocol, Signal upgraded its Extended Triple Diffie-Hellman key agreement protocol to the Post-Quantum Extended Diffie-Hellman.

"The essence of our protocol upgrade from X3DH to PQXDH is to compute a shared secret, data known only to the parties involved in a private communication session, using both the elliptic curve key agreement protocol X25519 and the post-quantum key encapsulation mechanism CRYSTALS-Kyber," Kret explained.

Denis Mandich, CTO and Co-Founder of Qrypt and founding member of Quantum Economic Development Consortium, told Help Net Security that Signal's upgrade to quantum-safe encryption elevates them far above all secure messaging apps.

News URL

https://www.helpnetsecurity.com/2023/09/21/signal-quantum-computers/