“The Signal protocol is used by two parties to exchange encrypted messages based on a shared secret key.”
“Messaging Layer Security (MLS) is a security layer for encrypting messages in groups ranging from two to many.”
So, it might seem logical to conclude that "the MLS protocol is a superset of the Signal protocol, and the Signal protocol is a subset of the MLS protocol. Whether it's one-on-one private chats, small group chats, or large group chats, the MLS protocol alone could be used to implement them."
However, this seemingly logical conclusion is incorrect.
The MLS protocol is not as efficient as the Signal protocol for implementing one-on-one chats and small group chats.
Assume a two-person MLS group chat and a one-on-one chat using the Signal protocol, both achieving the same level of security.
In the MLS group, each message sent requires an additional message to update the encryption key (with forward secrecy and backward secrecy capabilities).
In contrast, one-on-one chats using the Signal protocol do not require this additional message to update the encryption key (with forward secrecy and backward secrecy capabilities).
Replies (2)
Oh, if that's the case, using the Signal protocol for one-on-one chats only requires sending one message, while using the MLS protocol requires sending two messages? What do you think? @JeffG
Does it matter? The extra overhead of sending a single extra event to the server is negligible...
I'm really confused as to why the @Keychat folks keep banging on about it. As a dev, would I prefer to implement two entirely different protocols or just one that handles DMs and Groups and can do so in a secure way?!