
Messaging Layer Security: Difference between revisions

From Wikipedia, the free encyclopedia
resolve notability with two recent specific news cites
Add infobox
 
(18 intermediate revisions by 15 users not shown)
Line 1: Line 1:
{{Short description|Messaging protocol}}
'''Messaging Layer Security''' ('''MLS'''), is a security layer for [[End-to-end encryption|end-to-end encrypting]] messages in groups of size two to many. It is being built by the [[IETF]] MLS working group and designed to be efficient, practical and secure.<ref>{{Cite web|url=https://www.darkreading.com/perimeter/inside-mls-the-new-protocol-for-secure-enterprise-messaging/d/d-id/1335075|title=Inside MLS, the New Protocol for Secure Enterprise Messaging|website=Dark Reading|language=en|access-date=2019-11-15}}</ref><ref>{{Cite web|url=https://www.theregister.co.uk/2018/08/22/ietf_draft_proposes_encrypted_message_security_for_all/|title=Elders of internet hash out standards to grant encrypted message security for world+dog|last=at 10:29|first=Richard Chirgwin 22 Aug 2018|website=www.theregister.co.uk|language=en|access-date=2019-11-15}}</ref><ref>{{cite web |title=Messaging Layer Security |url=https://mlswg.github.io |website=GitHub}}</ref>
{{Infobox technology standard
| title = Messaging Layer Security
| long_name =
| image =
| image_size =
| alt =
| caption =
| abbreviation = MLS
| native_name = <!-- Name in local language. If more than one, separate using {{plain list}} -->
| native_name_lang = <!-- ISO 639-1 code e.g. "fr" for French. If more than one, use {{lang}} inside native_name items instead -->
| status =
| year_started = <!-- {{Start date|YYYY|MM|DD|df=y}} -->
| first_published = {{Start date|2023|07}}
| version =
| version_date =
| preview =
| preview_date =
| organization = [[Internet Engineering Task Force|IETF]]
| committee =
| series =
| editors =
| authors = {{Unbulleted list
| R. Barnes
| B. Beurdouche
| R. Robert
| J. Millican
| E. Omara
| K. Cohn-Gordon
}}
| base_standards =
| related_standards =
| predecessor =
| successor =
| domain = Security
| license =
| copyright =
| website = {{URL|https://www.rfc-editor.org/rfc/rfc9420.html}}
}}
'''Messaging Layer Security''' ('''MLS''') is a security layer for [[End-to-end encryption|end-to-end encrypting]] messages in arbitrarily sized groups. It is maintained by the MLS working group of the [[Internet Engineering Task Force]] to provide an efficient and practical security mechanism.<ref>{{Cite web|url=https://www.darkreading.com/perimeter/inside-mls-the-new-protocol-for-secure-enterprise-messaging/d/d-id/1335075|title=Inside MLS, the New Protocol for Secure Enterprise Messaging|website=Dark Reading|date=27 June 2019 |language=en|access-date=2019-11-15}}</ref><ref>{{Cite web|url=https://www.theregister.co.uk/2018/08/22/ietf_draft_proposes_encrypted_message_security_for_all/|title=Elders of internet hash out standards to grant encrypted message security for world+dog|last=at 10:29|first=Richard Chirgwin 22 Aug 2018|website=www.theregister.co.uk|language=en|access-date=2019-11-15}}</ref><ref>{{cite web |title=Messaging Layer Security |url=https://mlswg.github.io |website=GitHub}}</ref>


==Security properties==
==Security properties==
Security properties of MLS include message confidentiality, message integrity and authentication, membership authentication, asynchronicity, forward secrecy, post-compromise security, and scalability.<ref>{{Cite web|url=https://datatracker.ietf.org/wg/mls/about/|title=Messaging Layer Security (mls) -|website=datatracker.ietf.org|access-date=2019-03-05}}</ref>
Security properties of MLS include message confidentiality, message integrity and authentication, membership authentication, asynchronicity, [[forward secrecy]], post-compromise security, and scalability.<ref>{{Cite web|url=https://datatracker.ietf.org/wg/mls/about/|title=Messaging Layer Security (mls) -|website=datatracker.ietf.org|access-date=2019-03-05}}</ref>


==History==
==History==
The idea was born in 2016 and first discussed in an unofficial meeting during IETF 96 in Berlin with attendees from [[Wire (software)|Wire]], [[Mozilla]] and [[Cisco Systems|Cisco]].<ref>{{cite web |title=Das sind die sieben Entwickler-Trends 2019: Vom Java-Comeback über MLS bis KI/ML-zentrierte Technologien |url=https://www.it-finanzmagazin.de/sieben-entwickler-trends-2019-83043/ |website=IT Finanzmagazin |accessdate=7 January 2019}}</ref>
The idea was born in 2016 and first discussed in an unofficial meeting during IETF 96 in Berlin with attendees from [[Wire (software)|Wire]], [[Mozilla]] and [[Cisco]].<ref>{{cite web |title=Das sind die sieben Entwickler-Trends 2019: Vom Java-Comeback über MLS bis KI/ML-zentrierte Technologien |url=https://www.it-finanzmagazin.de/sieben-entwickler-trends-2019-83043/ |website=IT Finanzmagazin |date=2 January 2019 |accessdate=7 January 2019}}</ref>


Initial ideas were based on pairwise encryption for secure 1:1 and group communication. In 2017, an academic paper introducing Asynchronous Ratcheting Trees was published by University of Oxford setting the focus on more efficient encryption schemes.<ref>{{Cite journal|last=Cohn-Gordon|first=Katriel|last2=Cremers|first2=Cas|last3=Garratt|first3=Luke|last4=Millican|first4=Jon|last5=Milner|first5=Kevin|date=2017|title=On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees|url=https://eprint.iacr.org/2017/666}}</ref>
Initial ideas were based on pairwise encryption for secure 1:1 and group communication. In 2017, an academic paper introducing Asynchronous Ratcheting Trees was published by the University of Oxford and Facebook setting the focus on more efficient encryption schemes.<ref>{{Cite journal|last1=Cohn-Gordon|first1=Katriel|last2=Cremers|first2=Cas|last3=Garratt|first3=Luke|last4=Millican|first4=Jon|last5=Milner|first5=Kevin|date=2017|title=On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees|journal=Cryptology ePrint Archive |url=https://eprint.iacr.org/2017/666}}</ref>


The first [[Birds of a feather (computing)|BoF]] took place in February 2018 at IETF 101 in London. The founding members are [[Mozilla]], [[Facebook]], [[Wire (software)|Wire]], [[Google]], [[Twitter]], [[University of Oxford]], and [[INRIA]].<ref>{{cite news |last1=Chirgwin |first1=Richard |title=Elders of internet hash out standards to grant encrypted message security for world+dog |url=https://www.theregister.co.uk/2018/08/22/ietf_draft_proposes_encrypted_message_security_for_all/ |accessdate=30 November 2018 |date=22 August 2018}}</ref>
The first [[Birds of a feather (computing)|BoF]] took place in February 2018 at IETF 101 in London. The founding members are [[Mozilla]], [[Facebook]], [[Wire (software)|Wire]], [[Google]], [[Twitter]], [[University of Oxford]], and [[INRIA]].<ref>{{cite news |last1=Chirgwin |first1=Richard |title=Elders of internet hash out standards to grant encrypted message security for world+dog |url=https://www.theregister.co.uk/2018/08/22/ietf_draft_proposes_encrypted_message_security_for_all/ |accessdate=30 November 2018 |date=22 August 2018}}</ref>

As of March 29, 2023, the IETF has approved publication of Messaging Layer Security (MLS) as a new standard.<ref>{{cite web |last=Sullivan |first=Nick |last2=Turner |first2=Sean |date=2023-03-29 |title=Messaging Layer Security: Secure and Usable End-to-End Encryption |url=https://www.ietf.org/blog/mls-secure-and-usable-end-to-end-encryption/ |access-date=2023-07-28 |website=[[IETF]]}}</ref> It was officially published on July 19, 2023.<ref>{{Cite web |date=2023-07-19 |title=New MLS protocol provides groups better and more efficient security at Internet scale |url=https://www.ietf.org/blog/mls-protocol-published/ |access-date=2023-07-28}}</ref><ref>{{Cite web |last=Beurdouche |first=Benjamin |last2=Vasquez |first2=Sarah |date=2023-07-20 |title=Messaging Layer Security is now an internet standard |url=https://blog.mozilla.org/en/mozilla/messaging-layer-security-is-now-an-internet-standard/ |access-date=2023-07-28 |website=[[Mozilla]]}}</ref>

== Implementations ==

* [https://github.com/openmls/openmls OpenMLS]: language: Rust, license: MIT
* [https://github.com/cisco/mlspp MLS++]: language: C++, license: BSD-2
* [https://github.com/awslabs/mls-rs mls-rs]: language: Rust, license: MIT, Apache 2.0


== References ==
== References ==
{{Reflist}}
{{Reflist}}


== External links ==
[[Category:Computer security]]
* [https://www.rfc-editor.org/rfc/rfc9420.html RFC 9420 The Messaging Layer Security (MLS) Protocol]
{{CI|date=March 2019}}


[[Category:Cryptography]]
[[Category:Internet privacy]]
[[Category:Secure communication]]


{{crypto-stub}}
{{crypto-stub}}
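Review bot: the Register citation in the lead keeps `last=at 10:29|first=Richard Chirgwin 22 Aug 2018`, so the byline timestamp and the publication date sit in the author fields instead of a name. The History section cites the same article with `last1=Chirgwin |first1=Richard` and `date=22 August 2018`; name that reference and reuse it in the lead rather than carrying two differently formatted copies of one source.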

Latest revision as of 15:05, 17 June 2024

Messaging Layer Security
Abbreviation: MLS
First published: July 2023
Organization: IETF
Authors:
  • R. Barnes
  • B. Beurdouche
  • R. Robert
  • J. Millican
  • E. Omara
  • K. Cohn-Gordon
Domain: Security
Website: www.rfc-editor.org/rfc/rfc9420.html

Messaging Layer Security (MLS) is a security layer for end-to-end encrypting messages in arbitrarily sized groups. It is maintained by the MLS working group of the Internet Engineering Task Force to provide an efficient and practical security mechanism.[1][2][3]

Security properties

Security properties of MLS include message confidentiality, message integrity and authentication, membership authentication, asynchronicity, forward secrecy, post-compromise security, and scalability.[4]

History

The idea was born in 2016 and first discussed in an unofficial meeting during IETF 96 in Berlin with attendees from Wire, Mozilla and Cisco.[5]

Initial ideas were based on pairwise encryption for secure 1:1 and group communication. In 2017, an academic paper introducing Asynchronous Ratcheting Trees was published by the University of Oxford and Facebook setting the focus on more efficient encryption schemes.[6]

The first BoF took place in February 2018 at IETF 101 in London. The founding members are Mozilla, Facebook, Wire, Google, Twitter, University of Oxford, and INRIA.[7]

As of March 29, 2023, the IETF has approved publication of Messaging Layer Security (MLS) as a new standard.[8] It was officially published on July 19, 2023.[9][10]

Implementations

  • OpenMLS: language: Rust, license: MIT
  • MLS++: language: C++, license: BSD-2
  • mls-rs: language: Rust, license: MIT, Apache 2.0

References

  1. "Inside MLS, the New Protocol for Secure Enterprise Messaging". Dark Reading. 27 June 2019. Retrieved 2019-11-15.
  2. Chirgwin, Richard (22 August 2018). "Elders of internet hash out standards to grant encrypted message security for world+dog". www.theregister.co.uk. Retrieved 2019-11-15.
  3. "Messaging Layer Security". GitHub.
  4. "Messaging Layer Security (mls) -". datatracker.ietf.org. Retrieved 2019-03-05.
  5. "Das sind die sieben Entwickler-Trends 2019: Vom Java-Comeback über MLS bis KI/ML-zentrierte Technologien". IT Finanzmagazin. 2 January 2019. Retrieved 7 January 2019.
  6. Cohn-Gordon, Katriel; Cremers, Cas; Garratt, Luke; Millican, Jon; Milner, Kevin (2017). "On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees". Cryptology ePrint Archive.
  7. Chirgwin, Richard (22 August 2018). "Elders of internet hash out standards to grant encrypted message security for world+dog". Retrieved 30 November 2018.
  8. Sullivan, Nick; Turner, Sean (2023-03-29). "Messaging Layer Security: Secure and Usable End-to-End Encryption". IETF. Retrieved 2023-07-28.
  9. "New MLS protocol provides groups better and more efficient security at Internet scale". 2023-07-19. Retrieved 2023-07-28.
  10. Beurdouche, Benjamin; Vasquez, Sarah (2023-07-20). "Messaging Layer Security is now an internet standard". Mozilla. Retrieved 2023-07-28.

External links