iOS / iPadOS

Is PQC enabled? — quick check

iPhone / iPad

# Settings → General → About → Software Version
# Open https://checkpqc.app/ in Safari and Chrome on the device

Expected when PQC is ON

iOS 18.2
Safari verdict: CLASSICAL_ONLY (Apple has not shipped TLS PQ to WebKit yet)
Chrome verdict: HYBRID_ENABLED  (Cronet/BoringSSL via Chrome iOS)

What you'll see when PQC is OFF

iOS 16.7
Safari verdict: CLASSICAL_ONLY
Chrome verdict: CLASSICAL_ONLY (older Chrome iOS without PQ)

iMessage PQ3 needs iOS 17.4+ on BOTH ends; there is no per-chat indicator, so version is the proof.

Apple has shipped post-quantum cryptography in select services on iOS, but the system TLS APIs (URLSession, Network.framework, NSURLConnection) do not yet negotiate X25519MLKEM768. That changes once Apple turns on PQC for the underlying CoreCrypto / Network stack.

What's PQ-ready on iOS 17.4+ / 18 / 19

iMessage PQ3 — Kyber-1024 + ECDH P-256 hybrid initial agreement, with PQ ratchet rekey. iMessage.
iCloud Keychain sync — uses PQ-augmented key wraps in select service paths (rolling out per Apple Platform Security paper).
Chrome for iOS / Edge for iOS / Brave for iOS — Apple still requires WebKit, but the in-app TLS stack for non-WebView fetches is the bundled Cronet/BoringSSL where available, gating on App Store rules.
Signal / WhatsApp — PQXDH for new chats.

What's not

Safari HTTPS / WebKit — TLS still classical. Safari.
Stock Mail.app TLS — system networking stack, classical.
App URLSession / WKWebView for third-party apps — classical.

Verify

Settings → General → About → Software Version — confirms 17.4+ for PQ3 etc.
Open checkpqc.app in Safari, Chrome, and Edge on the device. Verdict reflects what each browser put on the wire.
For iMessage PQ3: send a message to another modern iOS/macOS user; PQ3 activates silently. There is no per-chat indicator (Apple's design choice).

Track

Apple's Platform Security Guide publishes PQ rollouts as they ship.

Run the check on services your iPhone uses →