Messaging Layer Security

Messaging Layer Security (MLS), is a security layer for end-to-end encrypting messages in arbitrarily sized groups. It is being built by the IETF MLS working group and designed to be efficient, practical and secure.^[1]^[2]^[3]

Security properties

Security properties of MLS include message confidentiality, message integrity and authentication, membership authentication, asynchronicity, forward secrecy, post-compromise security, and scalability.^[4]

History

The idea was born in 2016 and first discussed in an unofficial meeting during IETF 96 in Berlin with attendees from Wire, Mozilla and Cisco.^[5]

Initial ideas were based on pairwise encryption for secure 1:1 and group communication. In 2017, an academic paper introducing Asynchronous Ratcheting Trees was published by the University of Oxford and Facebook setting the focus on more efficient encryption schemes.^[6]

The first BoF took place in February 2018 at IETF 101 in London. The founding members are Mozilla, Facebook, Wire, Google, Twitter, University of Oxford, and INRIA.^[7]

As of March 29, 2023, the IETF has approved publication of Messaging Layer Security (MLS) as a new standard. ^[8]

Implementations

OpenMLS: language: Rust, license: MIT
MLS++: language: C++, license: BSD-2

References

^ "Inside MLS, the New Protocol for Secure Enterprise Messaging". Dark Reading. 27 June 2019. Retrieved 2019-11-15.
^ at 10:29, Richard Chirgwin 22 Aug 2018. "Elders of internet hash out standards to grant encrypted message security for world+dog". www.theregister.co.uk. Retrieved 2019-11-15.{{cite web}}: CS1 maint: numeric names: authors list (link)
^ "Messaging Layer Security". GitHub.
^ "Messaging Layer Security (mls) -". datatracker.ietf.org. Retrieved 2019-03-05.
^ "Das sind die sieben Entwickler-Trends 2019: Vom Java-Comeback über MLS bis KI/ML-zentrierte Technologien". IT Finanzmagazin. 2 January 2019. Retrieved 7 January 2019.
^ Cohn-Gordon, Katriel; Cremers, Cas; Garratt, Luke; Millican, Jon; Milner, Kevin (2017). "On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees". Cryptology ePrint Archive.
^ Chirgwin, Richard (22 August 2018). "Elders of internet hash out standards to grant encrypted message security for world+dog". Retrieved 30 November 2018.
^ MLS approved by IETF https://www.ietf.org/blog/mls-secure-and-usable-end-to-end-encryption/. {{cite web}}: Missing or empty |title= (help)

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

[1] "Inside MLS, the New Protocol for Secure Enterprise Messaging". Dark Reading. 27 June 2019. Retrieved 2019-11-15.

[2] t 10:29, Richard Chirgwin 22 Aug 2018. "Elders of internet hash out standards to grant encrypted message security for world+dog". www.theregister.co.uk. Retrieved 2019-11-15.{{cite web}}: CS1 maint: numeric names: authors list (link)

[3] "Messaging Layer Security". GitHub.

[4] "Messaging Layer Security (mls) -". datatracker.ietf.org. Retrieved 2019-03-05.

[5] "Das sind die sieben Entwickler-Trends 2019: Vom Java-Comeback über MLS bis KI/ML-zentrierte Technologien". IT Finanzmagazin. 2 January 2019. Retrieved 7 January 2019.

[6] Cohn-Gordon, Katriel; Cremers, Cas; Garratt, Luke; Millican, Jon; Milner, Kevin (2017). "On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees". Cryptology ePrint Archive.

[7] Chirgwin, Richard (22 August 2018). "Elders of internet hash out standards to grant encrypted message security for world+dog". Retrieved 30 November 2018.

[8] MLS approved by IETF https://www.ietf.org/blog/mls-secure-and-usable-end-to-end-encryption/. {{cite web}}: Missing or empty |title= (help)

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]