37C3 - RFC 9420 or how to scale end-to-end encryption with Messaging Layer Security

Security

Discover how RFC 9420 and Messaging Layer Security (MLS) enable scalable end-to-end encryption for large groups, ensuring confidentiality, authentication, and post-compromise security through tree-based key updates and extensible design.

Key takeaways
  • MLS (Messaging Layer Security) is designed to scale end-to-end encryption for large groups
  • PCS (Post-compromise Security) ensures that even if a key is compromised, the attacker cannot read past messages
  • MLS uses a tree structure to manage key updates, scaling logarithmically
  • The protocol is designed to be extensible and adaptable to different use cases
  • Implementation in Rust, C++, and Go is underway
  • MLS is being standardized through the ITF (Internet Transport Forum)
  • MLS achieves forward secrecy, ensuring that even if a key is compromised, messages sent after the compromise cannot be decrypted
  • MLS is designed to be forward-looking, with post-quantum resistance and extension to other use cases
  • Confidentiality and authentication are ensured through key updates and encryption
  • MLS is being implemented by industry leaders, including Wire and Google
  • AMS is being tested in production environments

More talks

"Demystifying Privacy Preserving Computing" by Tejas Chopra (Strange Loop 2022)

SAINTCON 2016 - Ashok Banerjee - Anatomy of Cyber Attacks and Cybersecurity Defense

Web3 Builders Decentralizing the Internet | Blockchain Futurist Conference 2022

Securing Microservices with Auth0 and MicroProfile in Kubernetes without a hassle | Ondro Mihalyi

Open Source Pentesting and Security Analysis Tools: the DevOps way… #slideless

37C3 - Security Nightmares

How to Decide Which Baby to Kill - With Ev Kontsevoy, CEO of Teleport

DPC2019: Event driven development - Chris Riley