messaging layer security (MLS)

Messaging Layer Security (MLS) is a security layer in the Messenger layer model for end-to-end encryption( E2EE). The MLS protocol is being developed by an IETF working group as an efficient and secure group messaging protocol and is intended to make large group messaging secure.

The IETF has specified several criteria for the MLS protocol. These include the confidentiality of transmitted messages, which can only be read by authorized group members. In addition, the integrity and authenticity of the messages, which ensures that they can only be sent by authenticated users and cannot be modified during transmission, and as a further criterion, the transparency of the group members is required. According to this, each member of a group should be able to verify the authenticity of each individual group member.

In terms of layer architecture, Messaging Layer Security (MLS) lies between the application layer with its various message formats and Transport Layer Security( TLS). The MLS protocol interfaces with the authentication service.

As far as encryption is concerned, crypto keys can be generated asynchronously without the need for two participants to join the session at the same time. In addition, Forward Secrecy( FS) ensures that no data can be reconstructed after a session. The second security mechanism, Post-Compromise Security, prevents a compromising node from compromising data that has already been transmitted.