Particle.news

Signal Begins Rolling Out Post‑Quantum ‘Triple‑Ratchet’ to Protect Chats

The upgrade adds a SPQR layer built on the NIST‑standardized ML‑KEM 768 (FIPS 203), spreading its large keys across messages as fragments to limit per‑message overhead.

Overview

  • SPQR extends Signal’s Double‑Ratchet into a Triple‑Ratchet by generating new post‑quantum keys during ongoing conversations without replacing the existing asymmetric ratchet or the PQXDH initial exchange.
  • Large post‑quantum keys are split across messages using erasure codes so recipients can reconstruct a key after receiving enough fragments, which resists targeted message dropping.
  • For lopsided chat patterns, Signal introduces an incremental variant called ML‑KEM Braid so each side can produce fragments quickly even when one participant sends far fewer messages.
  • Deployment starts in a backward‑compatible mode where older clients ignore authenticated SPQR data, downgrades are only allowed at conversation start, and Signal plans to require SPQR once adoption is widespread.
  • Signal is pursuing assurance through peer‑reviewed research submitted to Eurocrypt and USENIX, and through continuous formal verification that translates its Rust implementation into F* to catch implementation errors; no user‑visible changes are expected beyond installing the update.
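As an added illustration of the erasure‑coding idea in the second bullet (this is example code written for this page, not Signal's SPQR implementation, and it reproduces none of SPQR's message formats), the Python below splits a large key into k data fragments plus n‑k parity fragments with a Reed–Solomon code over GF(2^8), so any k of the n fragments rebuild the key. The fragment counts (k=8, n=12), the 1184‑byte sample standing in for an ML‑KEM‑768 encapsulation key, and the drop simulation are assumptions; fragment authentication, which SPQR provides, is deliberately left out here.

```python
"""
Added example: erasure-coded key fragmentation with a systematic Reed-Solomon
code over GF(2^8). Not Signal's code; parameters and sample key are assumed.
Fragments are NOT authenticated here, so an index-tampering attacker would
corrupt reconstruction; a real deployment must authenticate each fragment.
"""
import os
import random

# GF(2^8) with reduction polynomial x^8 + x^4 + x^3 + x^2 + 1 (0x11d).
# 2 is a generator of this field, so log/exp tables give mul and inverse.
GF_EXP = [0] * 512
GF_LOG = [0] * 256
_x = 1
for _i in range(255):
    GF_EXP[_i] = _x
    GF_LOG[_x] = _i
    _x <<= 1
    if _x & 0x100:
        _x ^= 0x11d
for _i in range(255, 512):          # doubled table avoids a mod in gf_mul
    GF_EXP[_i] = GF_EXP[_i - 255]


def gf_mul(a: int, b: int) -> int:
    if a == 0 or b == 0:
        return 0
    return GF_EXP[GF_LOG[a] + GF_LOG[b]]


def gf_inv(a: int) -> int:
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    return GF_EXP[255 - GF_LOG[a]]


def lagrange_at(points: list[tuple[int, int]], t: int) -> int:
    """Evaluate the unique polynomial of degree < len(points) passing through
    the (x, y) points at x = t. Addition and subtraction are XOR in GF(2^8)."""
    acc = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = gf_mul(num, t ^ xj)
                den = gf_mul(den, xi ^ xj)
        acc ^= gf_mul(yi, gf_mul(num, gf_inv(den)))
    return acc


def fragment_key(key: bytes, k: int, n: int) -> list[tuple[int, bytes]]:
    """Split key into n fragments (index, payload); any k reconstruct it.
    Fragments 0..k-1 are plain slices (systematic code); k..n-1 are parity,
    each byte being the column polynomial evaluated at x = fragment index."""
    if not 1 <= k <= n <= 255:
        raise ValueError("need 1 <= k <= n <= 255 (distinct x values in GF(2^8))")
    frag_len = -(-len(key) // k)                     # ceil division
    padded = key.ljust(k * frag_len, b"\0")          # zero-pad the last slice
    data = [padded[i * frag_len:(i + 1) * frag_len] for i in range(k)]
    frags = [(i, data[i]) for i in range(k)]
    for m in range(k, n):
        parity = bytes(
            lagrange_at([(i, data[i][p]) for i in range(k)], m)
            for p in range(frag_len))
        frags.append((m, parity))
    return frags


def reassemble_key(received: list[tuple[int, bytes]], k: int, key_len: int) -> bytes:
    """Rebuild the key from any k distinct fragments; raise if too few arrived
    (the receiver keeps waiting for more fragments rather than guessing)."""
    got = dict(received)
    if len(got) < k:
        raise ValueError(f"need {k} fragments, have {len(got)}")
    use = sorted(got.items())[:k]                    # any k distinct indices work
    frag_len = len(use[0][1])
    out = bytearray()
    for i in range(k):
        if i in got:                                 # data slice arrived intact
            out += got[i]
        else:                                        # interpolate the missing slice
            out += bytes(lagrange_at([(x, y[p]) for x, y in use], i)
                         for p in range(frag_len))
    return bytes(out[:key_len])


if __name__ == "__main__":
    ek = os.urandom(1184)      # assumed sample: size of an ML-KEM-768 encapsulation key
    frags = fragment_key(ek, k=8, n=12)
    survivors = random.sample(frags, 8)              # 4 messages dropped, any 4
    assert reassemble_key(survivors, 8, len(ek)) == ek
    try:
        reassemble_key(survivors[:7], 8, len(ek))    # one drop too many
    except ValueError as err:
        print("not yet recoverable:", err)
    print(f"key rebuilt from {len(survivors)} of {len(frags)} fragments")
```

Because every k‑subset of fragments suffices, an attacker who drops specific messages gains nothing over random loss: the sender only needs enough of its messages to get through, and the receiver can tell exactly when it has enough to proceed.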