Official forum for Utopia Community


#1 2023-07-24 22:21:30

Registered: 2023-01-04
Posts: 2,068

Cross-platform end-to-end encryption using the MLS Protocol is coming

As part of its open source implementation of the specification and its Messages service for Android, Google has declared its intention to add support for Messaging Layer Security (MLS).

According to Giles Hogben, privacy engineering director at Google, "the majority of modern consumer messaging platforms (including Google Messages) support end-to-end encryption, but users today are restricted to communicating with contacts who use the same platform." "For this reason, Google is a strong proponent of regulatory initiatives that demand interoperability for substantial end-to-end messaging platforms."

The change occurred shortly after the IETF released RFC 9420, the core specification of the Messaging Layer Security (MLS) protocol, as a Request for Comments.

Amazon Web Services (AWS), Wickr, Cisco, Cloudflare, The Matrix.org Foundation, Mozilla, Phoenix R&D, and Wire are a few other well-known businesses that have backed the protocol. Apple, which provides iMessage, is noticeably absent from the list.

The end-to-end encryption security layer known as MLS, as its name suggests, makes it possible for messaging services and platforms to communicate with one another. In March 2023, IETF gave its approval for publication as a standard.

When MLS was first released, the IETF stated that it "builds on the best lessons of the current generation of security protocols." "MLS supports asynchronous operation and offers cutting-edge security features like post-compromise security, much like the popular Double Ratchet protocol. And MLS offers reliable authentication, similar to TLS 1.3."

An approach known as Continuous Group Key Agreement (CGKA), which is at the core of MLS, enables multiple messaging clients to agree on a shared key that caters to groups of two to thousands of people while providing forward secrecy guarantees regardless of the individuals who join and leave the group conversation.

Continuous group authenticated key exchange (AKE) is described as "the core functionality of MLS" in the standard document. "Like other authenticated key exchange protocols (like TLS), the protocol's participants agree on a shared secret value, and each of them is able to confirm the identities of the others."

"That secret can then be exported for use with other protocols or used to secure messages sent by one member of the group to the others using the MLS framing layer. The group AKE offered by MLS is continuous group AKE, which means that the participants in the protocol may change over time, and group AKE, which means that there may be more than two participants."

By using an asynchronous ratcheting tree, a data structure that is used to generate shared secrets among a group of clients, this evolving membership is made possible. The objective is to effectively remove any member, achieving post-compromise security by preventing group messages from being intercepted even if one member has previously been compromised.

On the other hand, by erasing private keys from previous iterations of the ratchet tree, old group secrets are prevented from being re-derived, enabling forward secrecy, which enables messages sent at a certain point in time to be secured in the face of later compromise of a group member.

"The legitimacy of new members joining a group is checked by everyone: there is nowhere to hide," according to Mozilla, which is hoping to see a standardization of a Web API to use the protocol directly via web browsers.
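
An added illustration of the ratchet-tree paragraphs in the post above, not part of the original post and not the RFC 9420 construction: a toy Python model of a four-member tree showing that a removed member's stolen state cannot reach the next group secret, and that members who keep only one-way node keys cannot re-derive the previous one. `ToyGroup`, `kdf`, `can_derive`, the labels and the SHA-256 stand-in are assumptions, and delivery of path secrets is modelled by group membership instead of public-key encryption to sibling nodes.

```python
import hashlib, os

LABELS = (b"path", b"node", b"epoch")

def kdf(label: bytes, secret: bytes) -> bytes:
    # Stand-in for the RFC 9420 key schedule (assumption: labelled SHA-256).
    return hashlib.sha256(label + b"|" + secret).digest()

class ToyGroup:
    """Complete binary tree in heap layout: root is node 1, leaf i is node n + i."""
    def __init__(self, n):
        self.n, self.members = n, set(range(n))
        self.state = {m: {} for m in range(n)}  # member -> {node: key}; key 0 = epoch secret
        for m in range(n):
            self.commit(m)

    def commit(self, committer, remove=None):
        self.members.discard(remove)
        node, secret, path = self.n + committer, os.urandom(32), {}
        while node >= 1:                      # fresh path secrets, leaf up to root
            path[node] = secret
            node, secret = node // 2, kdf(b"path", secret)
        epoch = kdf(b"epoch", path[1])
        for m in self.members:                # a removed member receives nothing
            a, b = self.n + m, self.n + committer
            while a != b:                     # lowest common ancestor of the two leaves
                a, b = a // 2, b // 2
            # Each member learns the path from that ancestor upward, keeps only
            # one-way node keys, and overwrites (erases) what it held before.
            self.state[m].update({k: kdf(b"node", s) for k, s in path.items() if k <= a})
            self.state[m][0] = epoch

def can_derive(held, target, depth=3):
    """Could someone holding `held` reach `target` by re-running the KDF?"""
    frontier = set(held)
    for _ in range(depth + 1):
        if target in frontier:
            return True
        frontier = {kdf(l, s) for s in frontier for l in LABELS}
    return False

def demo():
    g = ToyGroup(4)
    old_epoch = g.state[0][0]
    stolen = dict(g.state[2])                 # constructed scenario: member 2's state is copied
    g.commit(0, remove=2)                     # member 0 removes member 2
    new_epoch = g.state[0][0]
    agree = all(g.state[m][0] == new_epoch for m in g.members)
    pcs = not can_derive(stolen.values(), new_epoch)
    later = [k for m in g.members for k in g.state[m].values()]
    fs = not can_derive(later, old_epoch)
    return agree, pcs, fs
```

`demo()` returns three flags: the remaining members agree on the new secret, the stolen state cannot derive it, and the state held after the commit cannot derive the old one.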

