29 Feb 2024
Feisty Duck’s Cryptography & Security Newsletter is a periodic dispatch bringing you commentary and news surrounding cryptography, security, privacy, SSL/TLS, and PKI. It's designed to keep you informed about the latest developments in this space. Enjoyed every month by more than 50,000 subscribers. Written by Ivan Ristić and Robert Thornton.
Apple announced a significant upgrade of the communication protocol used by iMessage, working to add defenses against post-quantum attacks. The new protocol, called PQ3, is promoted as offering the strongest security properties of any protocol deployed at scale.
Signal beat Apple to production-grade post-quantum key establishment with its PQXDH protocol, launched last year, but Apple claims to go a step further: PQ3 uses post-quantum cryptography not only for the initial key establishment but also for ongoing rekeying during a conversation, which limits how long a compromised key remains useful to an attacker. The new protocol version also adds forward secrecy (which Signal already has) and formal verification of the design: all good things.
Apple considers PQ3 to be a “level 3” protocol and plans a future revision that will add post-quantum authentication on top of the existing post-quantum key establishment. PQ3 is currently in the final stages of testing and will be deployed with the final releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4. Apple expects that the new protocol will be fully deployed by the end of 2024.
This news is great for the users of Apple’s platforms, but communication that crosses into other messenger systems will remain insecure, as it falls back to plain old SMS. The publication of Messaging Layer Security (MLS, RFC 9420) last year raised hopes that we may see interoperability among the various messenger platforms in the future, but that will probably take another couple of years, at least.
After several years, the long story of Article 45 has come to an end, with the European Parliament adding further clarifications that separate the regulation’s requirement to recognise qualified website certificates from browsers’ freedom to enforce security as they see fit:
To that end, providers of web-browsers should ensure support and interoperability with qualified certificates for website authentication issued in full compliance with this Regulation. The obligation of recognition and interoperability of and support for qualified certificates for website authentication does not affect the freedom of providers of web-browsers to ensure web security, domain authentication and the encryption of web traffic in a manner and by means of technology that they consider to be the most appropriate.
The Security Risks Campaign is happy with the outcome.
Prossimo, a project of Internet Security Research Group (ISRG) focused on software memory safety, continues to make good progress on their new and modern TLS library. Rustls, as the project is known, is written in Rust, a programming language focused on correctness and security.
With the most recent release, Rustls added support for pluggable cryptography, making the library useful to a wider range of audiences. The default backend is now AWS-LC, Amazon’s general-purpose cryptographic library, which is not only fast but also offers a FIPS 140 validated build, a US government requirement that matters to many users.
Going forward, Rustls is focusing on rigorous benchmarking intended to further improve performance, and on an OpenSSL compatibility layer to make it easier for users to migrate. Although AWS-LC is itself a fork of BoringSSL, and thus ultimately of OpenSSL, and is written in C, the pluggable nature of Rustls leaves the door open for an all-Rust implementation in the future.
Here are some things that caught our attention since the previous newsletter:
Designed by Ivan Ristić, the author of SSL Labs, Bulletproof TLS and PKI, and Hardenize, our course covers everything you need to know to deploy secure servers and encrypted web applications.
Remote and trainer-led, with small classes and a choice of timezones.
Join over 2,000 students who have benefited from more than a decade of deep TLS and PKI expertise.