Messaging Layer Security

Short description: Messaging protocol

Messaging Layer Security (MLS) is a security layer for end-to-end encrypting messages in arbitrarily sized groups. It is maintained by the MLS working group of the Internet Engineering Task Force to provide an efficient and practical security mechanism.[1][2][3]

Security properties

Security properties of MLS include message confidentiality, message integrity and authentication, membership authentication, asynchronicity, forward secrecy, post-compromise security, and scalability.[4]

History

The idea was born in 2016 and first discussed in an unofficial meeting during IETF 96 in Berlin with attendees from Wire, Mozilla and Cisco.[5]

Initial ideas were based on pairwise encryption for secure 1:1 and group communication. In 2017, an academic paper introducing Asynchronous Ratcheting Trees was published by the University of Oxford and Facebook, shifting the focus to more efficient encryption schemes.[6]

The first birds of a feather (BoF) session took place in February 2018 at IETF 101 in London. The founding members are Mozilla, Facebook, Wire, Google, Twitter, University of Oxford, and INRIA.[7]

On March 29, 2023, the IETF approved publication of Messaging Layer Security (MLS) as a new standard.[8] It was officially published on July 19, 2023.[9][10]

Implementations

  • OpenMLS: language: Rust, license: MIT
  • MLS++: language: C++, license: BSD-2
  • mls-rs: language: Rust, license: MIT, Apache 2.0

References

  1. "Inside MLS, the New Protocol for Secure Enterprise Messaging" (in en). 27 June 2019. https://www.darkreading.com/perimeter/inside-mls-the-new-protocol-for-secure-enterprise-messaging/d/d-id/1335075. 
  2. Chirgwin, Richard (22 August 2018). "Elders of internet hash out standards to grant encrypted message security for world+dog" (in en). https://www.theregister.co.uk/2018/08/22/ietf_draft_proposes_encrypted_message_security_for_all/. 
  3. "Messaging Layer Security". https://mlswg.github.io. 
  4. "Messaging Layer Security (mls)". https://datatracker.ietf.org/wg/mls/about/. 
  5. "Das sind die sieben Entwickler-Trends 2019: Vom Java-Comeback über MLS bis KI/ML-zentrierte Technologien". 2 January 2019. https://www.it-finanzmagazin.de/sieben-entwickler-trends-2019-83043/. Retrieved 7 January 2019. 
  6. Cohn-Gordon, Katriel; Cremers, Cas; Garratt, Luke; Millican, Jon; Milner, Kevin (2017). "On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees". Cryptology ePrint Archive. https://eprint.iacr.org/2017/666. 
  7. Chirgwin, Richard (22 August 2018). "Elders of internet hash out standards to grant encrypted message security for world+dog". https://www.theregister.co.uk/2018/08/22/ietf_draft_proposes_encrypted_message_security_for_all/. Retrieved 30 November 2018. 
  8. Sullivan, Nick; Turner, Sean (2023-03-29). "Messaging Layer Security: Secure and Usable End-to-End Encryption". https://www.ietf.org/blog/mls-secure-and-usable-end-to-end-encryption/. 
  9. "New MLS protocol provides groups better and more efficient security at Internet scale". 2023-07-19. https://www.ietf.org/blog/mls-protocol-published/. 
  10. Beurdouche, Benjamin; Vasquez, Sarah (2023-07-20). "Messaging Layer Security is now an internet standard". https://blog.mozilla.org/en/mozilla/messaging-layer-security-is-now-an-internet-standard/. 
