Signal has completed its migration to post-quantum encryption across all platforms, becoming the first major messaging app to protect user communications against the threat of future quantum computers capable of breaking current encryption standards.
Technical Details
The upgrade combines the existing Signal Protocol with CRYSTALS-Kyber, a lattice-based key encapsulation mechanism selected by NIST as a post-quantum standard.
- Hybrid approach: combines X25519 (current) with Kyber-1024 (post-quantum) for key exchange
- If either algorithm is broken, the other still protects communications
- Message sizes increase by approximately 1 KB — imperceptible to users
- Protects against "harvest now, decrypt later" attacks by nation-state actors
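The hybrid property in the list above, as an added example (not Signal's code): both shared secrets feed one key derivation, so the session key stays unknown unless both inputs are known. The HKDF-SHA256 combiner, the `hybrid-demo-v1` label, the transcript binding and the sample secrets are assumptions made for illustration.

```python
import hashlib
import hmac

HASH = hashlib.sha256
SECRET_LEN = 32  # X25519 and Kyber-1024 both output a 32-byte shared secret


def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-SHA256 (RFC 5869): extract a PRK, then expand it to `length` bytes."""
    prk = hmac.new(salt, ikm, HASH).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hybrid_key(ss_classical: bytes, ss_pq: bytes, transcript: bytes) -> bytes:
    """Derive one session key from both secrets; fail closed if either is unusable."""
    for name, ss in (("X25519", ss_classical), ("Kyber", ss_pq)):
        if len(ss) != SECRET_LEN:
            raise ValueError(f"{name} secret must be {SECRET_LEN} bytes")
        if ss == bytes(SECRET_LEN):
            # A degenerate value suggests a failed or skipped exchange.
            raise ValueError(f"{name} secret is all zero")
    # Both inputs are fixed length, so plain concatenation is unambiguous.
    # Hashing the transcript into `info` ties the key to this one exchange.
    info = b"hybrid-demo-v1|" + HASH(transcript).digest()
    return hkdf(ss_classical + ss_pq, salt=bytes(SECRET_LEN), info=info)


# Constructed sample values; a real exchange gets these from X25519 and Kyber.
SS_X25519 = HASH(b"constructed classical secret").digest()
SS_KYBER = HASH(b"constructed post-quantum secret").digest()
TRANSCRIPT = b"constructed public keys and KEM ciphertext"


def demo():
    """Return the real key and the keys computed when one input is only a guess."""
    real = hybrid_key(SS_X25519, SS_KYBER, TRANSCRIPT)
    guess = HASH(b"wrong guess for the unbroken half").digest()
    kyber_unknown = hybrid_key(SS_X25519, guess, TRANSCRIPT)   # X25519 secret known
    x25519_unknown = hybrid_key(guess, SS_KYBER, TRANSCRIPT)   # Kyber secret known
    return real, kyber_unknown, x25519_unknown
```

The length and all-zero checks make a missing component an error, so the derivation never falls back to a single algorithm.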
Why It Matters Now
While practical quantum computers capable of breaking encryption are estimated to be 10-15 years away, intelligence agencies are believed to be storing encrypted communications for future decryption. Signal's upgrade ensures that messages sent today remain private even if quantum computing advances faster than expected. WhatsApp and iMessage are expected to follow with similar upgrades within 12 months.