Signal Announces PQXDH To Protect Calls And Chats From Future Threats

Signal Encryption
The Signal Protocol provides end-to-end encryption for private communications and is used by billions of people worldwide.

Signal has strengthened the protocol by announcing PQXDH, an upgrade intended to protect calls and chats from future quantum computing threats.

Encryption in a messaging environment involves several separate ideas that must be combined appropriately for each project, so Signal publishes them as independent specifications.

What is PQXDH?

PQXDH (Post-Quantum Extended Diffie-Hellman) is Signal's upgrade to the X3DH key agreement, intended to safeguard calls and chats from future threats.

  • The first step in post-quantum resistance for the Signal Protocol.
  • PQXDH is now available in Signal, protecting calls and chats from future quantum computing threats.

PQXDH establishes a shared secret key between two parties who mutually authenticate each other based on public keys.

“Today we are happy to announce the first step in advancing quantum resistance for the Signal Protocol: an upgrade to the X3DH specification, which we are calling PQXDH,” according to the Signal blog. “With this upgrade, we are adding a layer of protection against the threat of a quantum computer being built in the future that is powerful enough to break current encryption standards.”

The Signal Protocol's initial key agreement has been upgraded from X3DH to PQXDH. The new protocol lets the two parties in a private communication session compute a shared secret using both the elliptic-curve key agreement X25519 and the post-quantum key encapsulation mechanism CRYSTALS-Kyber.

The two shared secrets are combined into one session key, which makes it harder for an attacker to compute that key: the attacker would have to break both X25519 and CRYSTALS-Kyber to recover it. If only one of the two primitives falls, the combined secret remains protected by the other.
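To make the hybrid derivation concrete, here is an added worked example of the PQXDH key agreement shape (DH1 || DH2 || DH3 || DH4 || SS fed through HKDF with the 0xFF prefix, as the PQXDH specification describes). It is illustrative code written for this page, not Signal's or libsignal's implementation. X25519 is implemented from RFC 7748 so the block needs only the standard library; because CRYSTALS-Kyber is not in the standard library, the KEM slot is filled by a DH-based stand-in KEM with the same encapsulate/decapsulate shape, clearly marked and offering no post-quantum security. The application label `INFO` is assumed, the prekey signature checks and the associated-data handling of the real protocol are omitted, and the ladder is not constant-time.

```python
import hashlib
import hmac
import os

# --- X25519 (RFC 7748) in pure Python. Illustration only: the conditional
# swap below branches on secret bits, so this ladder is NOT constant-time.
P = 2**255 - 19
A24 = 121665
BASEPOINT = (9).to_bytes(32, "little")


def _clamp(scalar: bytes) -> int:
    k = bytearray(scalar)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def x25519(scalar: bytes, point: bytes) -> bytes:
    """Montgomery ladder; returns the 32-byte u-coordinate of scalar * point."""
    k = _clamp(scalar)
    x1 = int.from_bytes(point, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * ((da - cb) ** 2) % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def x25519_public(scalar: bytes) -> bytes:
    return x25519(scalar, BASEPOINT)


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) extract-then-expand with HMAC-SHA256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block = b"", b""
    for i in range(1, (length + 31) // 32 + 1):
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        okm += block
    return okm[:length]


# --- Stand-in KEM (assumption for this example). Real PQXDH uses CRYSTALS-Kyber
# here; this DH-based KEM only mimics the encaps/decaps interface and gives no
# post-quantum security. Plug a Kyber-1024 library into these three functions.
def kem_keygen():
    sk = os.urandom(32)
    return sk, x25519_public(sk)


def kem_encaps(pk: bytes):
    esk = os.urandom(32)
    return x25519_public(esk), x25519(esk, pk)  # (ciphertext, shared secret)


def kem_decaps(sk: bytes, ct: bytes) -> bytes:
    return x25519(sk, ct)


F = b"\xff" * 32           # PQXDH KDF prefix for curve X25519 (32 bytes of 0xFF)
INFO = b"ExampleApp_PQXDH"  # assumed application label; each app chooses its own


def kdf(km: bytes) -> bytes:
    """PQXDH KDF: HKDF over F || KM with a zero-filled salt, 32 bytes out."""
    return hkdf_sha256(F + km, b"\x00" * 32, INFO, 32)


def pqxdh_initiator(ik_a, ik_b_pub, spk_b_pub, opk_b_pub, pqpk_b_pub):
    """Alice: four X25519 agreements plus one KEM encapsulation, all into the KDF."""
    ek_a = os.urandom(32)                       # fresh ephemeral key
    dh1 = x25519(ik_a, spk_b_pub)
    dh2 = x25519(ek_a, ik_b_pub)
    dh3 = x25519(ek_a, spk_b_pub)
    dh4 = x25519(ek_a, opk_b_pub)               # one-time prekey (assumed present)
    ct, ss = kem_encaps(pqpk_b_pub)
    sk = kdf(dh1 + dh2 + dh3 + dh4 + ss)        # attacker must break BOTH primitives
    return sk, x25519_public(ek_a), ct          # Alice sends EK_A and the KEM ciphertext


def pqxdh_responder(ik_b, spk_b, opk_b, pqpk_b, ik_a_pub, ek_a_pub, ct):
    """Bob: mirror the same five secrets from his private prekeys."""
    dh1 = x25519(spk_b, ik_a_pub)
    dh2 = x25519(ik_b, ek_a_pub)
    dh3 = x25519(spk_b, ek_a_pub)
    dh4 = x25519(opk_b, ek_a_pub)
    ss = kem_decaps(pqpk_b, ct)
    return kdf(dh1 + dh2 + dh3 + dh4 + ss)


def run_handshake():
    """Build Bob's prekey bundle, run both sides, return (SK_alice, SK_bob)."""
    ik_a = os.urandom(32)
    ik_b, spk_b, opk_b = os.urandom(32), os.urandom(32), os.urandom(32)
    pqpk_b, pqpk_b_pub = kem_keygen()
    bundle = (x25519_public(ik_b), x25519_public(spk_b), x25519_public(opk_b), pqpk_b_pub)
    sk_a, ek_a_pub, ct = pqxdh_initiator(ik_a, *bundle)
    sk_b = pqxdh_responder(ik_b, spk_b, opk_b, pqpk_b, x25519_public(ik_a), ek_a_pub, ct)
    return sk_a, sk_b


if __name__ == "__main__":
    sk_a, sk_b = run_handshake()
    print("session keys match:", sk_a == sk_b, sk_a.hex())
```

The point to take from the derivation is that the KEM secret SS is concatenated with the four Diffie-Hellman outputs before the KDF rather than replacing them, so a break of X25519 alone still leaves SS unknown and a break of the KEM alone still leaves the DH secrets unknown. The mutual authentication, however, comes only from DH1 and DH2 (the identity keys), which is why the protocol's authentication is still classical.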

PQXDH provides post-quantum forward secrecy and a form of cryptographic deniability but still relies on the hardness of the discrete log problem for mutual authentication in this protocol revision.

“Our new protocol is already supported in the latest versions of Signal’s client applications and is in use for chats initiated after both sides of the chat are using the latest Signal software.”

“In the coming months (after sufficient time has passed for everyone using Signal to update), we will disable X3DH for new chats and require PQXDH for all new chats,” Signal added.

“In parallel, we will roll out software updates to upgrade existing chats to this new protocol.”

Protecting Signal from Future Quantum Computers

PQXDH protects Signal messages against the future threat of a quantum computer capable of breaking today's encryption. Signal describes it as only a first step, and says further upgrades will be needed to address an attacker who has a contemporary quantum computer.

Further research is needed to close the remaining gaps in post-quantum cryptography, including the authentication that still rests on the discrete logarithm problem.

Signal recommends reading the security considerations section of the PQXDH whitepaper for details on these open research areas.


