Site icon

What Is Post-Quantum Cryptography and Apple’s PQ3?

The existence of quantum computers on the horizon has shaken the cryptography world, and researchers and scientists have received a massive response to build feasible Post-Quantum Cryptography (PCQ). Recently, Apple has taken an enormous step forward by announcing their own PCQ systems, PQ3, in Apple devices. 

Learn more about PCQ and Apple’s announcement and the more significant impact of post-quantum encryption.

 

What Is Apple’s PQ3 Protocol?

Apple devices have been heralded as well-defended from data exposure, including strong encryption and biometric security for consumer devices. Their recent announcement of the PQ3 represents a significant upgrade in cryptographic security, aiming to provide the highest level of protection against current and future threats (specifically against threats to the iMessage app), including those posed by quantum computing. 

Some of the goals of PQ3 include:

The protocol will start rolling out with public releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4, and is already included in developer preview and beta releases.

How Does Post-Quantum Cryptography Work?

Post-quantum cryptography, also known as quantum-resistant cryptography, is a type of cryptography designed to provide secure communication protocols in the era of quantum computing. Traditional cryptographic systems, particularly those based on public-key cryptography, rely on mathematical problems that are currently hard for classical computers to solve but could be easily broken by a sufficiently powerful quantum computer. 

The main areas of research in PQC include????:

The Transition to Post-Quantum Cryptography

The transition to post-quantum cryptography is a global effort that involves standardization bodies like the National Institute of Standards and Technology (NIST), which has been actively working on a post-quantum cryptography standardization project. This project aims to identify and standardize quantum-resistant cryptographic algorithms for widespread adoption before quantum computers become capable of breaking current encryption methods???.

The challenge lies in developing secure and efficient quantum-resistant algorithms and ensuring these algorithms can be integrated into the existing digital infrastructure. This includes updating cryptographic libraries, securing internet protocols such as TLS, and ensuring that hardware and software can support the new standards without significant performance penalties???.

 

Will These Standards Work with Compliance Frameworks?

NIST plays a pivotal role in standardizing cryptographic algorithms, including post-quantum cryptography. They have been conducting a Post-Quantum Cryptography Standardization project since 2016, aiming to establish standards for quantum-resistant cryptographic algorithms. 

The compliance of post-quantum encryption with major cybersecurity standards will largely depend on the outcomes of this project and other considerations such as:

 

Learn More About Your Encryption Requirements and the Future with Continuum GRC

Continuum GRC is a cloud platform that can take something as routine and necessary as regular vulnerability scanning and reporting under FedRAMP and make it an easy and timely part of business in the public sector. We provide risk management and compliance support for every major regulation and compliance framework on the market, including:

We are the only FedRAMP and StateRAMP-authorized compliance and risk management solution worldwide.

Continuum GRC is a proactive cyber security® and the only FedRAMP and StateRAMP-authorized cybersecurity audit platform worldwide. Call 1-888-896-6207 to discuss your organization’s cybersecurity needs and find out how we can help your organization protect its systems and ensure compliance.

[wpforms id= “43885”]

Exit mobile version