On Signal Protocol and Post-Quantum Ratchets

A quick look at Signal's new end-to-end encryption protocol.

Mickaël Rémond

Signal improved its protocol to prepare encrypted messaging for the quantum era.

They call the improvement “Triple Ratchet” (or SPQR = Signal Post-Quantum Ratchet).

Signal Protocol and Post-Quantum Ratchets
We are excited to announce a significant advancement in the security of the Signal Protocol: the introduction of the Sparse Post Quantum Ratchet (SPQR). This new ratchet enhances the Signal Protocol’s resilience against future quantum computing threats while maintaining our existing security guar…

If history repeats itself, this could become the next open standard for secure messaging.

Signal (formerly Open Whisper Systems) created the Double Ratchet algorithm in 2013–2014, introduced in TextSecure v2 in February 2014. They packaged it into the open source Signal Protocol. It became the mainstream standard for end-to-end encrypted messaging. XMPP adopted it (OMEMO, first drafted in 2015). Matrix adopted it (Olm/Megolm implements Double Ratchet concepts).

The problem is that current encryption methods could break when quantum computers get powerful enough, so Signal built Triple Ratchet to protect against that.

Most messaging companies are preparing for this, but I noticed that WhatsApp has no public roadmap for the adoption of quantum-resistant protocols. They use the Signal Protocol for encryption, so they may simply wait for the result of Signal’s work to adopt the new approach.

It is much heavier to implement, so I am wondering whether Triple Ratchet will follow the same path as Double Ratchet and get widespread adoption.

If open protocols like XMPP and Matrix adopt it, it may be huge for European messaging independence.

What’s your take? Do you think quantum resistance will become a mandatory feature for end-to-end encrypted messaging platforms in the next couple of years?