From the Article:

Google’s Messages app might be getting cross-platform chat encryption in the future. The company is announcing adoption of an end-to-end encryption system known as Messaging Layer Security, or MLS. It’ll allow Google’s platform to connect and exchange messages with outside messaging apps that also support MLS (via 9to5Google).

Want to message a group chat and have it securely and seamlessly appear on other people’s devices in their preferred chat apps? That’s the future European regulators are pushing for: to get tech companies to implement an end-to-end encryption system that allows users to securely message between platforms.

Meaningful interoperability would require major companies to back the same standard, and MLS now seems to have one of the biggest ones on its side. Google also supports the carrier-backed end-to-end encrypted messaging system known as RCS. For a while, RCS didn’t have proper security for group chats, but Google is now releasing a version that does (which doesn’t use MLS).

A big problem MLS may solve is better encryption for group messages. An Oxford paper published in 2017 pointed out security concerns in how some major messaging apps, including WhatsApp, Facebook Messenger, and Google Allo (RIP), could have group messages intercepted if just one member is compromised. So researchers sketched up an “Asynchronous Ratcheting Tree” that makes end-to-end group messages even more secure, and MLS was built with that idea in mind.

The MLS protocol is developed by a standards organization called the Internet Engineering Task Force (IETF). The body just approved publication of MLS specification (RFC 9420) in March and has previously tested draft versions in Webex and RingCentral chats.

Google is moving to place its MLS implementation open sourced into Android’s codebase but did not say when this would happen. It also did not specify how or if RCS messages, which Google has outwardly championed for more than a year, will work with the MLS-based encryption. Google continues to shame Apple for not supporting RCS, which is now available to more than 800 million Android users. It remains to be seen if other tech companies will “get the message” with MLS.

  • jmp242@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    31
    ·
    1 year ago

    Didn’t google basically kill XMPP by “working” with the standard and then getting a huge amount of users on Google, then dropping the standard leaving most people who wanted to communicate on the now locked in google program? I swear I heard that.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    16
    ·
    1 year ago

    This is the best summary I could come up with:


    The company is announcing adoption of an end-to-end encryption system known as Messaging Layer Security, or MLS.

    That’s the future European regulators are pushing for: to get tech companies to implement an end-to-end encryption system that allows users to securely message between platforms.

    For a while, RCS didn’t have proper security for group chats, but Google is now releasing a version that does (which doesn’t use MLS).

    So researchers sketched up an “Asynchronous Ratcheting Tree” that makes end-to-end group messages even more secure, and MLS was built with that idea in mind.

    The MLS protocol is developed by a standards organization called the Internet Engineering Task Force (IETF).

    The body just approved publication of MLS specification (RFC 9420) in March and has previously tested draft versions in Webex and RingCentral chats.


    I’m a bot and I’m open source!

  • Dark Arc@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    ·
    edit-2
    1 year ago

    I wonder how this will work with (or if it will be compatible) with the efforts of Element and the Matrix standard?

    • 9tr6gyp3@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      ·
      edit-2
      1 year ago

      "Not Yet.

      Messaging Layer Security (MLS) is an IETF standard for end-to-end encryption in messaging systems. We are investigating bringing MLS to Matrix. So far we have basic encryption and decryption working and can handle membership changes."

      Per: https://arewemlsyet.com/

    • realharo@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      1 year ago

      They could be forced to by EU law eventually.

      There has been some uncertainty about the feasibility of fulfilling the interoperability requirement in the Digital Markets Act. Standards like this could clearly show it can be done without compromising security.