Didn’t Signal update their protocol to make it post-quantum?
Yes but this tool doesn’t require your phone number unlike Signal
Many messengers did
Afaik just the Signal Protocol and iMessage (no reason to use the latter tho!).
Neat.
Warning disclaimer : I’m not a cryptographer.
I actually tinkered with https://github.com/open-quantum-safe and it’s actually quite simple to become “post-quantum” whatever. The main idea being that one “just” have to switch their cryptographic algorithm, what one uses to encrypt/decrypt a message, from whatever they are using to a quantum-resistant (validated by NIST or whomever you trust to evaluate them) and… voila! The only test I did was setting up Apache httpd and querying that server with Chromium and curl, all with oqs, while disabling cryptographic algorithms that were not post-quantum and I was able (I think ;) to be “safe” relative to this kind of attacks.
Obviously this is assuming a lot, e.g that there are not other flaw in the design of the application, but my point being that becoming quantum-resistant is conceptually at least quite simple.
Anyway, I find it great to demystify this kind of progress and to realize how our stack can indeed, if we do believe it’s worth it now, become resistant to more threats.
Now we wait for someone to build an absolutely wonderful chat app on top of this wonderful bit of PoC code…
I genuinely hope someone does. Imagine what this could do if this was routed over Tor using Private Services.
Run this over that; and you’d have a bullet-proof text chat. Wrap a nice GUI client around all of that and you have a proper secure, anonymous messenger with no problems. With a little more build-out; you could even implement the Matrix protocol over this wire-line and basically have full inter-federation and moderation over a secure wire protocol; allowing for complete privacy and client integration.
TL;DR: Matrix over PQChat over Tor. Think about it. A Post-Quantum Dark-Matrix web.
