Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search

Signal towards the Future: Post Quantum Cryptography now protects our messages

Tara Lie : 25 September 2023 14:06

Translator: Tara Lie

Signal has announced that it has improved encryption within its messenger application.

Its end-to-end communication protocol now uses quantum-resistant cryptographic keys, making it resistant to future attacks by quantum computers.

Iscriviti GRATIS alla RHC Conference 2025 (Venerdì 9 maggio 2025)

Il giorno Venerdì 9 maggio 2025 presso il teatro Italia di Roma (a due passi dalla stazione termini e dalla metro B di Piazza Bologna), si terrà la RHC Conference 2025. Si tratta dell’appuntamento annuale gratuito, creato dalla community di RHC, per far accrescere l’interesse verso le tecnologie digitali, l’innovazione digitale e la consapevolezza del rischio informatico.

La giornata inizierà alle 9:30 (con accoglienza dalle 9:00) e sarà interamente dedicata alla RHC Conference, un evento di spicco nel campo della sicurezza informatica. Il programma prevede un panel con ospiti istituzionali che si terrà all’inizio della conferenza. Successivamente, numerosi interventi di esperti nazionali nel campo della sicurezza informatica si susseguiranno sul palco fino alle ore 19:00 circa, quando termineranno le sessioni. Prima del termine della conferenza, ci sarà la premiazione dei vincitori della Capture The Flag prevista per le ore 18:00.
Potete iscrivervi gratuitamente all'evento utilizzando questo link.

Per ulteriori informazioni, scrivi a [email protected] oppure su Whatsapp al 379 163 8765


Supporta RHC attraverso:


Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo.

Quantum computers – that at the moment do not have concrete applications, as we saw in the interview with Prof. Morello from the ARC Center of Excellence for Quantum Computation in the University of New South Wales in Australia and from Prof. Severini, director of quantum technologies at Amazon Web Services (AWS) – have the potential to be much more powerful and efficient than current systems, allowing them to perform calculations that would take years for a modern supercomputer.

As these computers slowly begin to become a reality, one of the threats this emerging technology poses is weakening current cryptographic schemes – allowing protected data to be quickly decrypted at a future time, and gaining access to confidential information.

Nevertheless, the collection of encrypted data with the aim of decrypting it once such computers become a reality, is beginning to be spoken about. This can be remediated – or at least mitigated – by implementing encryption algorithms that are resistant to quantum computers, as suggested previously by the National Institute of Standards and Technology (NIST).

In terms of messaging apps such as Signal that utilise end-to-end encryption to protect communication, the adoption of such approaches – and therefore the use of quantum-safe algorithms – becomes an increasingly important step to implement as each day passes. 

Signal explains that its X3DH (Extended Triple Diffie-Hellman) protocol has been upgraded to PQXDH (Post-Quantum Extended Diffie-Hellman), which incorporates quantum-resistant key generation mechanisms for Signal’s end-to-end encryption specification protocol (E2EE).

“We believe that the key encapsulation mechanism we have selected, CRYSTALS-Kyber, is built on solid foundations, but to be safe we do not want to simply replace our existing elliptic curve cryptography foundations with a post-quantum public key cryptosystem” explains Signal, and adds: “Instead, we are augmenting our existing cryptosystems such that an attacker must break both systems in order to compute the keys protecting people’s communications.

PQXDH uses both the elliptic curve protocol X3DH and a post-quantum key encapsulation mechanism called CRYSTALS-Kyber.

CRYSTALS-Kyber is one quantum-resistant algorithm among those approved by NIST, suitable for quick operations that require encryption key exchange. Signal points out that the transition to PQXDH is just the first step towards reaching quantum-resistant E2EE (end-to-end encryption). 

Tara Lie
Cyber Security manager from Perth, Western Australia, focused on governance, risk quantification and compliance. Graduate of cyber security and pure mathematics, with a second-major in Italian Studies. Tara has earned a Master's degree in Cyber Security, and is pursuing her PhD researching cyber security in the post-quantum era.
Categories
Banner

Editorial board : [email protected]

Facebook Linkedin Youtube Telegram Twitter Pinterest Tumblr
Redhotcyber is an open-news project that was launched in 2019 and subsequently expanded into a network of individuals collaborating to disseminate information and topics focused on technology, Information Technology, and cybersecurity. Its goal is to increase risk awareness among an ever-growing number of people.