Post-Quantum Extended Diffie–Hellman

In cryptography, Post-Quantum Extended Diffie–Hellman (PQXDH) is a Kyber-based post-quantum cryptography upgrade to the Diffie–Hellman key exchange. It is notably being incorporated into the Signal Protocol, an end-to-end encryption protocol.

In September 2023, the developers of the Signal Protocol announced that it was being updated to support PQXDH.^[1][2][3]

PQXDH is an upgraded version of the X3DH protocol and uses both the quantum-resistant CRYSTALS-Kyber protocol as well as the old elliptic curve X25519 protocol. This ensures that an attacker must break both of the encryption protocols to gain access to sensitive data, mitigating potential security vulnerabilities the new protocol could have. The protocol is designed for asynchronous communication where the clients exchange public keys through a server to derive a secure shared key which they can use to encrypt sensitive data without needing to constantly sync new keys with each other.^[2][3]

In October 2023, the protocol underwent formal verification which managed to "prove all the desired security properties of the protocol" for its second revision.^[4]

See also

• Post-quantum cryptography
• Shor's algorithm
• Signal Protocol
• Signal (software)
• Public-key cryptography
• End-to-end encryption
• Cryptanalysis
• Diffie–Hellman key exchange
• Symmetric-key algorithm