Messaging Layer Security

Messaging Layer Security (MLS) is a security layer for end-to-end encrypting messages in arbitrarily sized groups. It is maintained by the MLS working group of the Internet Engineering Task Force to provide an efficient and practical security mechanism.

Security properties
Security properties of MLS include message confidentiality, message integrity and authentication, membership authentication, asynchronicity, forward secrecy, post-compromise security, and scalability.

History
The idea was born in 2016 and first discussed in an unofficial meeting during IETF 96 in Berlin with attendees from Wire, Mozilla and Cisco.

Initial ideas were based on pairwise encryption for secure 1:1 and group communication. In 2017, an academic paper introducing Asynchronous Ratcheting Trees was published by the University of Oxford and Facebook setting the focus on more efficient encryption schemes.

The first BoF took place in February 2018 at IETF 101 in London. The founding members are Mozilla, Facebook, Wire, Google, Twitter, University of Oxford, and INRIA.

As of March 29, 2023, the IETF has approved publication of Messaging Layer Security (MLS) as a new standard. It was officially published on July 19, 2023.

Implementations

 * OpenMLS: language: Rust, license: MIT
 * MLS++: language: C++, license: BSD-2
 * mls-rs: language: Rust, license: MIT, Apache 2.0