Secure Messaging App PQChat Promises ‘Future Proof’ Encryption

Security firm SRD has launched an encrypted mobile messaging application that promises to protect users’ communications, even against the future threat from quantum computing.

PQChat is available immediately and for free on iOS, with an Android version in the works, and is targeted at privacy-conscious consumers and employees in the wake of Edward Snowden’s revelations about US espionage programmes, and at regulated industries such as finance, legal and health.

Central to PQChat’s appeal is the SRD’s Never-The-Same (NTS) encryption. It is based on the McEliece cryptosystem that claims to be the only system that has so far not been broken by techniques designed for quantum computing.

PQChat security

SRD says most existing encryption standards have already been broken in theory, with only the lack of available horsepower required to run these process preventing widespread attacks. If NTS detects any possible attacker identifying patterns in a user’s message, it randomises the messages, making them unidentifiable to anyone but the intended recipient.

“As a result, PQChat is as future-proof as it’s possible to be,” boasts SRD, which says NTS could become a new encryption standard, replacing RSA and Eliptic Curve to be used for authentication, banking tokens and digital rights management (DRM).

“The ongoing Snowden revelations have brought home just how easily accessible our personal information is to the NSA or other groups. Yet most people are still handing over information to data miners, spammers and criminals without understanding what they are doing,” says Andersen Cheng, co-founder and CEO of SRD Wireless. “People need to take back control of their data: even the smallest amount of personal information can compromise your privacy and security.”

Minimal user information

The app retains minimal user information so that users can be assured that SRD will not sell their data, nor will personal information be compromised in the event of an attack on PQChat. Only a one-way encrypted value of a phone number, which cannot be reconstructed, as well as an encrypted nickname and pseudo-ID photo are stored, with all other methods of authentication in the hands of users.

“Apart from having zero knowledge of any message contents, SRD Wireless vows not to obtain, store or share any personal details or password information from PQChat users: it is our belief that ultimately your security should be in your hands, not ours,” continues Andersen. “Since SRD’s business model is based around selling solutions to enterprises rather than data mining, there is no need for us to hold any of this information.”

Additionally, SRD’s patented Man At The End (MATE) authentication requires the recipient’s identity to be verified using audio or video, and messages can be set to expire after a certain amount of time, making it look like Snapchat for the enterprise.

PQChat will compete with other supposedly secure messaging services, such as BlackBerry Messenger and Silent Text, which received a major update earlier this week.

What do you know about Edward Snowden and the NSA? Take our quiz?