Messaging Layer Security (MLS): the future of secure messaging

December 18, 2018

MLS - Group Messaging

Messaging Layer Security (MLS) is a new end-to-end encrypted protocol that is developed by an IETF workgroup. Wire initiated the idea, along with Mozilla and Cisco, in 2016 with other contributors joining the efforts later: the University of Oxford, Facebook, INRIA, Google, Twitter. MLS’s major goals are to make end-to-end encrypted messaging in (large) groups efficient and more secure and to become an open standard.

The whole story

At Wire we have a vision for secure messaging: Federated environments based on open standards. Choosing open standards over proprietary technology is not an emotional decision. In the past we have been involved in similar efforts that made a deep impact on the industry:

  • Standardising the Internet Low Bitrate Codec (iLBC) at Global IP Sound paved the way for WebRTC.
  • Skype disrupted the telecommunication world with free calls. SILK, the codec used for Skype calls, evolved and became an open standard known as Opus and now also an integral part of WebRTC.

Today WebRTC is built into most browsers (Chrome, Firefox, Safari, Edge, etc.) as well as into many communication products, making for an install base of billions of devices. We believe that in the next decade messaging will be shaped by the increasing awareness of users around subjects like privacy and security. People feel strongly about this and there is a large consensus that messages are something private and worth protecting from prying eyes.

In 2016, the lack of an open standard for end-to-end encryption lead us to discussing our vision with others. What started as an informal discussion at a Berlin restaurant one evening during IETF 96 with peers from Mozilla and Cisco would later become a fully grown IETF workgroup.

While the initial focus was on creating an open standard, others joined the effort and brought more innovation to the table: Facebook in cooperation with the University of Oxford published the Asynchronous Ratcheting Trees concept. After a number of alternatives were considered, this concept became the base layer of discussions within the MLS group and finally lead to the analogue TreeKEM concept, that is now at the core of the protocol. Academic research has also shown, that the security of group conversations can be improved. This extended the original scope of MLS to 3 major goals in the charter:

  • Make secure messaging in (large) groups more efficient
  • Increase the security of groups w.r.t. membership while maintaining security guarantees like Forward Secrecy and Post-Compromise Security
  • Make the protocol a standard that everyone can use freely and safely

We are convinced that the approach of pushing for open standards was valid in the past and that it is also valid for the future. The MLS workgroup benefits from work and assistance of the academic community, and the intent is to follow the pattern of TLS 1.3, with specification, implementation, and formal verification proceeding in parallel.
A few implementations already exist, that now aim for perfect interoperability. By the time we arrive at the final version (RFC), we hope to have several interoperable implementations as well as a thorough security analysis. While more work needs to be done on MLS, large hurdles have been overcome already and we believe the ongoing work is going in the right direction.

Alan Duric, CTO/COO & Raphael Robert, Head of Security


Get Wire Pro to be at the forefront for secure messaging. Start a free trial now.

Back to all posts