Quantum Resistance and the Signal Protocol
Quantum Resistance and the Signal Protocol
The Signal Protocol is a set of cryptographic specifications that provides end-to-end encryption for private communications exchanged daily by billions of people around the world. After its publication in 2013, the Signal Protocol was adopted not only by Signal but well beyond. Technical informat...
'Today we are happy to announce the first step in advancing quantum resistance for the Signal Protocol: an upgrade to the X3DH specification which we are calling PQXDH. With this upgrade, we are adding a layer of protection against the threat of a quantum computer being built in the future that is powerful enough to break current encryption standards.'
I'm not a cryptography expert, or even a security expert, or even more than middling proficient with computers. Could someone with actual skill in this field read this and pipe in with an opinion on if this is actually sufficient to start with or just a layer of false security?
The essence of our protocol upgrade from X3DH to PQXDH is to compute a shared secret, data known only to the parties involved in a private communication session, using both the elliptic curve key agreement protocol X25519 and the post-quantum key encapsulation mechanism CRYSTALS-Kyber. We then combine these two shared secrets together so that any attacker must break both X25519 and CRYSTALS-Kyber to compute the same shared secret.
Not an expert, but what i read here is that they will be using 2 locks. e.g. one traditional key based lock and another fingerprint based lock, and when you need to open the door, you need to open both the locks.
Just for a point of reference, Moxie Marlinspike was probably one of the biggest names in breaking encryption standards before he started Signal.
And as a lifelong anarchist, the sort of person who designs a protocol with the NSA as the imagined adversary.
If you were going to put faith in an individual regarding crypto choices, I'm not sure there's anyone else I'd recommend moreso.
Just in case we needed more evidence to point to Signal as the golden standard of encryption.