Messaging Layer Security
{{Short description|Messaging protocol}}
{{Use mdy dates|date=April 2025}}
{{Infobox networking protocol
| title = Messaging Layer Security
| logo =
| logo alt =
| image =
| image alt =
| caption =
| is stack = yes
| abbreviation = MLS
| purpose = End-to-end encrypting messages
| developer = {{Plainlist|
- Richard Barnes
- Benjamin Beurdouche
- Raphael Robert
- Jon Millican
- Emad Omara
- Katriel Cohn-Gordon
}}
| date = {{Start date and age|2023|07}}
| based on =
| influenced =
| osilayer = Application layer
| ports =
| rfcs = {{IETF RFC|9420}}
| hardware =
}}
Messaging Layer Security (MLS) is a security layer for end-to-end encrypting messages. It is maintained by the MLS working group of the Internet Engineering Task Force, and is designed to provide an efficient and practical security mechanism for groups as large as 50,000 and for those who access chat systems from multiple devices.{{Cite web|url=https://www.darkreading.com/perimeter/inside-mls-the-new-protocol-for-secure-enterprise-messaging/d/d-id/1335075|title=Inside MLS, the New Protocol for Secure Enterprise Messaging|website=Dark Reading|date=27 June 2019 |language=en|access-date=2019-11-15}}{{Cite web|url=https://www.theregister.co.uk/2018/08/22/ietf_draft_proposes_encrypted_message_security_for_all/|title=Elders of internet hash out standards to grant encrypted message security for world+dog|last=Chirgwin|first=Richard|date=22 August 2018|website=www.theregister.co.uk|language=en|access-date=2019-11-15}}{{cite web |title=Messaging Layer Security |url=https://mlswg.github.io |access-date=2018-12-29 |website=GitHub}}
Security properties
Security properties of MLS include message confidentiality, message integrity and authentication, membership authentication, asynchronicity, forward secrecy, post-compromise security, and scalability.{{Cite web|url=https://datatracker.ietf.org/wg/mls/about/|title=Messaging Layer Security (mls) -|website=datatracker.ietf.org|access-date=2019-03-05}}
History
The idea was born in 2016 and first discussed in an unofficial meeting during IETF 96 in Berlin with attendees from Wire, Mozilla and Cisco.{{cite web |title=Das sind die sieben Entwickler-Trends 2019: Vom Java-Comeback über MLS bis KI/ML-zentrierte Technologien |url=https://www.it-finanzmagazin.de/sieben-entwickler-trends-2019-83043/ |website=IT Finanzmagazin |date=2 January 2019 |accessdate=7 January 2019}}
Initial ideas were based on pairwise encryption for secure 1:1 and group communication. In 2017, an academic paper introducing Asynchronous Ratcheting Trees was published by the University of Oxford and Facebook, setting the focus on more efficient encryption schemes.{{Cite journal|last1=Cohn-Gordon|first1=Katriel|last2=Cremers|first2=Cas|last3=Garratt|first3=Luke|last4=Millican|first4=Jon|last5=Milner|first5=Kevin|date=2017|title=On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees|journal=Cryptology ePrint Archive |url=https://eprint.iacr.org/2017/666}}
The first BoF took place in February 2018 at IETF 101 in London. The founding members are Mozilla, Facebook, Wire, Google, Twitter, University of Oxford, and INRIA.{{cite news |last1=Chirgwin |first1=Richard |title=Elders of internet hash out standards to grant encrypted message security for world+dog |url=https://www.theregister.co.uk/2018/08/22/ietf_draft_proposes_encrypted_message_security_for_all/ |accessdate=30 November 2018 |date=22 August 2018}}
As of March 29, 2023, the IETF has approved publication of Messaging Layer Security (MLS) as a new standard.{{cite web |last1=Sullivan |first1=Nick |last2=Turner |first2=Sean |date=2023-03-29 |title=Messaging Layer Security: Secure and Usable End-to-End Encryption |url=https://www.ietf.org/blog/mls-secure-and-usable-end-to-end-encryption/ |access-date=2023-07-28 |website=IETF}} It was officially published on July 19, 2023.{{Cite web |date=2023-07-19 |title=New MLS protocol provides groups better and more efficient security at Internet scale |url=https://www.ietf.org/blog/mls-protocol-published/ |access-date=2023-07-28}}{{Cite web |last1=Beurdouche |first1=Benjamin |last2=Vasquez |first2=Sarah |date=2023-07-20 |title=Messaging Layer Security is now an internet standard |url=https://blog.mozilla.org/en/mozilla/messaging-layer-security-is-now-an-internet-standard/ |access-date=2023-07-28 |website=Mozilla}} At that time, Google announced it intended to add MLS to the end-to-end encryption used by Google Messages over RCS.{{Cite web |title=An important step towards secure and interoperable messaging |url=https://security.googleblog.com/2023/07/an-important-step-towards-secure-and.html |access-date=2024-12-12 |website=Google Online Security Blog |language=en}} In March 2025, the GSMA announced that the Universal Profile 3.0 standard of RCS would support MLS, and Apple announced it would support this RCS standard on Apple Messages.{{Cite web |last=Mayo |first=Benjamin |date=2025-03-14 |title=End-to-end encrypted RCS messaging on iPhone coming in future software update |url=https://9to5mac.com/2025/03/14/end-to-end-encrypted-rcs-messaging-on-iphone/ |access-date=2025-03-14 |website=9to5Mac |language=en-US}}{{Cite web |last=Van Pelt |first=Tom |date=2025-03-14 |title=RCS Encryption: A Leap Towards Secure and Interoperable Messaging |url=https://www.gsma.com/newsroom/article/rcs-encryption-a-leap-towards-secure-and-interoperable-messaging/ |access-date=2025-03-14 |website=GSMA |language=en-GB}}
Matrix is one of the protocols that have declared a migration to MLS.{{Cite web |title=Are We MLS Yet? |url=https://arewemlsyet.com |access-date=2024-09-23 |website=Are We MLS Yet? |language=en-US}}
Research on adding post-quantum cryptography (PQC) to MLS is ongoing, but MLS does not currently support PQC.{{Cite web |title=Cryspen {{!}} Post-Quantum Group Messaging |url=https://cryspen.com/post/pq-mls/ |access-date=2024-12-12 |website=cryspen.com}}{{Cite web |last1=Hashimoto |first1=Keitaro |last2=Katsumata |first2=Shuichi |last3=Prest |first3=Thomas |date=2022-11-07 |title=How to Hide MetaData in MLS-Like Secure Group Messaging: Simple, Modular, and Post-Quantum |url=https://eprint.iacr.org/2022/1533.pdf |access-date=2024-12-09 |website=Cryptology ePrint Archive}}{{Cite web |last= |date=2024-02-22 |title=Post-quantum messaging: examining Apple's new PQ3 protocol |url=https://pqshield.com/post-quantum-messaging-examining-apples-new-pq3-protocol/ |access-date=2024-12-09 |website=PQShield |language=en-GB}}
Implementations
{| class="wikitable sortable"
|+ MLS implementations
! Implementation !! Language !! License
|-
| [https://github.com/openmls/openmls OpenMLS] || Rust || MIT
|-
| [https://github.com/cisco/mlspp MLS++] || C++ || BSD 2-Clause
|-
| [https://github.com/awslabs/mls-rs mls-rs] || Rust || Apache 2.0
|-
| [https://gitlab.matrix.org/matrix-org/mls-ts/ MLS-TS] || TypeScript || Apache 2.0
|}
References
{{Reflist}}
External links
- {{IETF RFC|9420}} – The Messaging Layer Security (MLS) Protocol
{{crypto-stub}}