A blueprint for formal verification of Apple corecrypto
Apple has introduced quantum-secure cryptography in iMessage to enhance user security against future quantum computing threats. The company has developed formal verification methods to ensure the mathematical correctness of its new algorithms, ML-KEM and ML-DSA, which are now available for independent evaluation. Corecrypto, the foundational cryptographic library, will include these algorithms to improve security across Apple devices and applications.
- Apple's corecrypto now includes quantum-secure ML-KEM and ML-DSA algorithms.
- The formal verification methods developed by Apple ensure the mathematical correctness of their cryptographic implementations.
- Corecrypto is used in over 2.5 billion active devices for encryption, hashing, and digital signatures.
Opening excerpt (first ~120 words)
The introduction of quantum-secure cryptography in iMessage marked the start of a significant security transition to protect Apple users from threats posed by future quantum computers. Deploying this new generation of algorithms at scale across all Apple platforms requires high assurance, so we developed rigorous new formal verification methods to prove the mathematical correctness of our implementation. With this week’s release of corecrypto, we’re publishing our implementations of quantum-secure ML-KEM and ML-DSA algorithms — along with the mathematical proofs we built to assure they are faithful to the FIPS 203 and FIPS 204 specifications — for independent evaluation by experts.
…
The full article is "A blueprint for formal verification of Apple corecrypto" at Apple Security Research.