Google plans to add support for MLS to Messages. Jules Hedges, Google’s privacy engineering director, said, “Most modern consumer messaging platforms.
(including Google Messages) support end-to-end encryption, but users today are limited to communicating with contacts who use the same platform.
That’s why Google strongly supports regulatory efforts that require interoperability for large messaging platforms on an end-to-end basis.” Google add support for MLS
This development comes as the Internet Engineering Task Force (IETF) released the core specifications for the Messaging Layer Security (MLS) protocol as a request for comments (RFC 9420).
Among other major companies that have endorsed the protocol are Amazon Web Services (AWS) Wickr, Cisco, Cloudflare,
The Matrix.org Foundation, Mozilla
Phoenix R&D, and Wire. Notably absent from the list is Apple, which offers iMessage.
MLS, as the name suggests, is a security layer for end-to-end encryption that facilitates cross-service and infrastructure interoperability. It was approved for publication as a standard by the IETF in March 2023.
The IETF noted at the time: “MLS builds on the best lessons learned from the current generation of security protocols.
Like the widely used Double Ratchet protocol, MLS allows for asynchronous operation.
and provides advanced security features such as post-compromise security. And like TLS 1.3, MLS provides strong authentication.”
The centerpiece of MLS is an approach known as Continuous Group Key Agreement (CGKA).
which allows many messaging clients to agree on a common key that suits groups ranging in size from two to thousands in a way that provides forward secrecy guarantees regardless of who joins and leaves the group conversation.
The standard document reads: “The core function of MLS is the continuous negotiation of a group AKE key (AKE). As with other authenticated key exchange protocols (such as TLS), the protocol participants agree on a common secret value, and each participant can verify the identities of the other participants.”
Google plans to add support for MLS to Messages.
“This secret can then be used to protect messages sent from one group participant to the other participants using the MLS encoding layer.
or it can be exported for use with other protocols.
MLS provides AKE for the group in the sense that there may be more than two participants in the protocol.
and AKE for the continuous group in the sense that the set of participants in the protocol may change over time.”
This variable membership is achieved through an asynchronous data mediator called a non-linear ratcheting tree.
which is used to extract shared secrets between a group of clients.
The goal is to be able to efficiently remove any member.
achieving post-compromise security by preventing interception of group messages even if one member was compromised at some point in the past.
On the other hand, forward secrecy is provided, which allows messages sent at a certain time to be secure in the face of a later compromise of a group member.
by deleting private keys from previous versions of the ratchet tree, thus avoiding re-deriving old group secrets.
Google add support for MLS
Mozilla, which hopes to standardize the web application programming interface to make direct use of the protocol across web browsers.
said MLS is designed to “vet the legitimacy of new members entering the group by everyone: there’s no place to hide.”