Messaging Layer Security: Difference between revisions
added Category:Computer security; removed {{uncategorized}} using HotCat |
Gitbub is not a reliable reference, stubify: it is essentially just a list of attributes |
||
| Line 1: | Line 1: | ||
{{notability}} |
|||
'''Messaging Layer Security''' ('''MLS'''), is a security layer for [[End-to-end encryption|end-to-end encrypting]] messages in groups of size two to many. It is being built by the [[IETF]] MLS working group and designed to be efficient, practical and secure.<ref>{{cite web |title=Messaging Layer Security |url=https://mlswg.github.io |website=GitHub}}</ref>. |
'''Messaging Layer Security''' ('''MLS'''), is a security layer for [[End-to-end encryption|end-to-end encrypting]] messages in groups of size two to many. It is being built by the [[IETF]] MLS working group and designed to be efficient, practical and secure.<ref>{{cite web |title=Messaging Layer Security |url=https://mlswg.github.io |website=GitHub}}</ref>. |
||
| Line 23: | Line 24: | ||
{{Reflist|30em}} |
{{Reflist|30em}} |
||
{{stub}} |
|||
[[Category:Computer security]] |
[[Category:Computer security]] |
||
Revision as of 17:54, 4 March 2019
 | The topic of this article may not meet Wikipedia's general notability guideline. |
Messaging Layer Security (MLS), is a security layer for end-to-end encrypting messages in groups of size two to many. It is being built by the IETF MLS working group and designed to be efficient, practical and secure.[1].
Security properties
The following security properties are mentioned in the charter:
- Message Confidentiality – Messages can only be read by members of the group
- Message Integrity and Authentication – Each message has been sent by an authenticated sender, and has not been tampered with
- Membership Authentication – Each participant can verify the set of members in the group
- Asynchronicity – Keys can be established without any two participants being online at the same time
- Forward secrecy – Full compromise of a node at a point in time does not reveal past messages sent within the group
- Post-compromise security – Full compromise of a node at a point in time does not reveal future messages sent within the group
- Scalability – Resource requirements have good scaling in the size of the group (preferably sub-linear)
History
The idea was born in 2016 and first discussed in an unofficial meeting during IETF 96 in Berlin with attendees from Wire, Mozilla and Cisco[2].
Initial ideas were based on pairwise encryption for secure 1:1 and group communication. In 2017, an academic paper introducing Asynchronous Ratcheting Trees is published by University of Oxford setting the focus on more efficient encryption schemes.
The first BoF took place in February 2018 at IETF 101 in London. The founding members are Mozilla, Facebook, Wire, Google, Twitter, University of Oxford, and INRIA[3]
References
- ^ "Messaging Layer Security". GitHub.
- ^ "Das sind die sieben Entwickler-Trends 2019: Vom Java-Comeback über MLS bis KI/ML-zentrierte Technologien". IT Finanzmagazin. Retrieved 7 January 2019.
- ^ Chirgwin, Richard (22 August 2018). "Elders of internet hash out standards to grant encrypted message security for world+dog". Retrieved 30 November 2018.