• WolfLink
    link
    fedilink
    English
    arrow-up
    27
    ·
    9 months ago

    TLDR Signal made a decision that has different tradeoffs and is waiting for the tech to improve before taking the step Apple did.

    All of these updates are extremely cutting edge and PQC tech is not matured, so both Signal and Apple implementing it now is mostly a marketing move.

    In Apple’s press release, they mention they use a combination of the new PQC “Kyber Crystals” algorithm and the existing standard “ECDSA” algorithm. This is because Kyber is is too new and hasn’t stood the test of time yet. Apple doesn’t want to trust it fully because someone could come discover a vulnerability.

    Even if it is motivated by marketing, it’s good that these companies are competing in this space because it drives the tech forward, and it’s good that they are working on including PQC now even though the tech is immature, because the goal is to protect against attacks involving storing encrypted data now and decrypting it later once quantum computers are more mature.