Friday, April 19, 2024
Evina 110o x 220

    How quantum-secure are today’s messaging apps? Not very… and that’s a problem

    Quantum computing – using the wave-particle duality of sub-atomic particles to act as super diodes – may sound like sicnce fiction, but it is already finding practical uses in the digital world – and not just with the good guys.

    Quantum computing has significantly elevated the threat of hacking, highlighting the critical importance of implementing quantum-level security measures in application algorithms.

    To assess the risk, Surfshark has assessed 12 widely used messaging apps to determine their quantum security status, identifying those capable of withstanding quantum hacking attempts. This assessment is based on known quantum threats and the emergence of new threats remains a possibility.

    Consequently, apps deemed quantum-secure today may need to adjust their defences in the future. Nonetheless, those currently recognised as quantum-secure are demonstrating proactive measures, while those relying on traditional encryption or lacking encryption altogether are falling behind.

    According to the research, only two messaging applications are currently prepared for the quantum computing era: Signal and iMessage. Signal’s recently announced Post-Quantum Extended Diffie-Hellman (PQXDH) encryption protocol may not be as advanced as Apple’s PQ3², but it is nonetheless equipped to defend against the present quantum computing threats.

    Half of the most popular analysed applications provide End-to-End (E2E) encryption by default, which protects against conventional threats. However, classical cryptography is not secure against quantum computing threats.

    Notably, even though Skype encrypts messages, when a Skype call is made to a mobile or landline phone, the segment of the call transmitted via the Public Switched Telephone Network (PSTN) is not encrypted by Skype.

    Are big tech companies lagging behind? Facebook only introduced default encryption of messages a few months ago – seemingly a delayed reaction, especially since Apple has recently introduced its quantum-secure messaging encryption protocols. Another major player, Google, has had encrypted messages in its pre-installed Android messenger (Google Messages) by default for about half a year, slightly earlier than Facebook Messenger. Nevertheless, both of these tech giants’ messaging applications significantly trail behind Apple in terms of security.

    Some messaging applications are not only vulnerable to quantum threats but also fail to provide default protection against current dangers. Telegram, WeChat, and QQ do not have encryption enabled as the standard setting. Snapchat encrypts images but not text messages.

    The absence of E2E encryption leaves a conversation vulnerable to interception by hackers, governments, or private entities. And the results of such interception can be dire — even a seemingly innocent joke shared in a private conversation can result in arrest.

    Messaging apps developed in authoritarian countries often lack straightforward default encryption. WeChat and QQ (both lacking encryption) originate from China, while Telegram (also without default encryption) was founded by brothers with Russian origins and is headquartered in the United Arab Emirates. The same brothers also founded the widely-used platform VK, which was later acquired by the Russian state.

    At least one in six people worldwide could be subject to surveillance through unencrypted messaging. WeChat boasts over 1.3 billion users, with around half a billion residing outside China. Telegram recently reached 900 million users.

    To be on the safe side, Surfshark has assumed that all Telegram users use WeChat as well, which most likely is not true and would mean that even more people are vulnerable to unencrypted message peaking.

    Related Articles

    Subscribe to our newsletter

    To be updated with all the latest news, offers and special announcements.

    24 Seven 600x500
    SeriouslyFresh 600x500
    Evina 900x750