Messaging Layer Security is now an internet standard

Today, the Internet Engineering Task Force (IETF) is releasing the standard for Messaging Layer Security (MLS) protocol, a novel standard of communication protocol for group messaging.

Why so many acronyms?

Don’t speak in acronyms? We got you! So, the Internet Engineering Task Force (IETF) is a body of volunteers that develops open standards and protocols for the internet with the goal of making it work better. 

Feels very Mozilla, doesn’t it? Well, then it shouldn’t come as a surprise that Mozilla is an active participant of this working group. Ultimately, we support any new standard where we believe it will put people first and ensure they are empowered, safe and respected online.

Privacy and security should be the default, no? 

In today’s digital era, ensuring your communication is super safe and hush-hush is paramount! We all know how important it is to have robust, reliable, and oh-so-secure communication protocols. They’re like the superhero guardians that protect your precious data as it travels between people, devices, businesses, and even governments.

The new Messaging Layer Security (MLS) protocol is a game-changer. Providing end-to-end encryption to groups, it ensures confidentiality and privacy when people communicate with each other, ensuring that your messages, whether they’re in text, audio, or video form, stay completely under wraps from prying eyes such as infrastructure operators or malicious actors.

The nitty-gritty

If you want to get into the nitty-gritty details, MLS basically provides modern-day security properties that we have all come to expect by default such as Forward Secrecy or Post-Compromise Security – but like the superhero it is, it pushes those security measures to their very limits, achieving max security potential (that’s a lot of juice!)

At the core, MLS is what’s called a “continuous group key agreement” – this allows multiple entities to agree on a shared key and to contribute to it continuously. So, it doesn’t matter if your group is constantly changing, with friends joining and leaving all the time. Even if your group expands to over a thousand individuals, MLS creates a secure environment for group communication no matter how big the gang gets and without jeopardizing the security of past and future message exchanges. 

Using MLS, you’ll always know which other members of your chat group will receive the messages you send, and the legitimacy of new members entering a group is checked by everyone: there is nowhere to hide.

And long gone are the days when everyone had to be on the same app to benefit from these kinds of advanced security protocols. Of course, more can always be done to ensure that all apps follow this protocol and are able to be fully interoperable with other applications. That’s where the IETF and its partners, like Mozilla, play a crucial role in championing the widespread adoption of this new MLS standard and the future More Instant Messaging Interoperability (MIMI) protocol for interoperability of messaging apps.

Standardization and the power of the group

Similar to other efforts happening in open standardization bodies like the IETF, the power of MLS truly lies in its transparent design process. Similar to the design of TLS for client-server communications, the contributors to the MLS Protocol and MLS Architecture come from many different backgrounds including cryptography, software engineering, infrastructure and even academia and research.

This led to using a range of state of the art techniques – like mechanized symbolic security analysis with Tamarin or ProVerif, and proof assistants like FStar or new cryptographic proof frameworks – in the conception of this protocol to solve difficult problems and prevent mistakes along the way.

Ultimately, we managed to build a protocol that can cover many different architectures and applications without compromising on security. 

At some point, we’d like to see the standardization of a Web API so that web applications can leverage the technology directly from many different browsers. This would look like a browser performing all MLS actions for you, in contrast to the web application shipping its own MLS code in javascript or webassembly, which is potentially insecure.