Skip to content
Back to Blog
MLS

Messaging Layer Security – How secure communication is evolving

Explore the future of secure communication with Proteus & MLS. Learn how these technologies are reshaping business messaging

Said El-Safadi
Said El-Safadi

Jul 29, 2023

The rise in data breaches and cyber threats has made organizations increasingly aware of the need for more secure communication. With traditional communication methods such as regular cell service, email, instant messaging, or social media leaving sensitive information vulnerable, organizations want solutions that make privacy and security their prime concern. End-to-end encryption offers a solution to this growing concern. While consumers have had access to end-to-end encryption, its adoption in business is widely limited due to unique challenges that businesses face when implementing end-to-end encryption into their communication. CEO frauds, hacked conversations, and other malicious activities are just a few examples of the potential risks that organizations confront without adequate security measures in place. We recognize these challenges and are dedicated to solving the complexities associated with securing highly critical communications. At Wire, we recognize these challenges and are dedicated to solving the complexities associated with secure critical communications. By offering tailored solutions that address the specific needs of organizations, we enable them to communicate and transfer sensitive information with confidence, mitigating the risks of data breaches and ensuring their focus remains on core business activities.

End-to-end encryption using the Proteus protocol

End-to-end encryption is a method of secure communication which protects the privacy of data being transmitted between a sender and a receiver. The encryption is applied to the data at the source (sender) and can only be decrypted by the intended recipient (receiver). No one can access or view the encrypted information, not even the provider of the messaging-service.

A common example used to explain end-to-end encryption is the “Alice and Bob” scenario. In this scenario, Alice wants to send a confidential message to Bob, but she doesn’t want anyone else to read it. To ensure the privacy of her message, Alice uses end-to-end encryption to protect her message before sending it to Bob. Only Bob has the right decryption key, and can read the encrypted message and understand its contents. In the event that a third party intercepts the message, they will only see cipher text and will be unable to access its content.

End-to-end encryption is increasingly important in today’s digital age, where privacy and security are the main concerns. It provides a secure way to send and receive sensitive information, such as financial transactions or personal data – without the risk of it being intercepted or compromised. Wire is the business messenger that always uses end-to-end encryption to protect communications and keep data secure.

Wire uses the Proteus Protocol, an implementation of the DoubleRatchet Protocol. This means that every message sent and received through Wire is encrypted with a unique key, providing a secure foundation for organizations seeking to protect their communications. Furthermore, Proteus offers multi-device support, enabling users to securely and seamlessly operate and access their messages across multiple devices. Proteus also uses pre-keys which allows for secure conversations to be initiated even when not all parties are online at the same time. But what does MLS add into the mix?

The future: Messaging Layer Security (MLS)

The Messaging Layer Security (MLS) protocol provides a secure and efficient method for organizations to conduct group communication, and has been standardized in 2023 by the renowned International Engineering Task Force (IETF). Work on Messaging layer security began in 2016 when a handful of individuals from Wire, Mozilla, Cisco, and others discussed the need for a standardized way to establish end-to-end encryption for groups that was secure, modern, and extensible.The working group was formed and participation expanded to include individuals from dozens of companies, all united in their goal of improving secure messaging and collaboration within the world’s most security-demanding organizations. Secure group communication is made easier with Wire’s implementation of Messaging Layer Security (MLS). MLS uses group-oriented encryption to improve large-scale encrypted communication rather than traditional end-to-end encryption, which repeatedly encrypts group messages as if they are each separate one-to-one messages. Consequently, MLS operates more efficiently in messaging to and from substantial groups, be it a thousand participants, a few thousand or even more.

The design of Messaging layer security includes support for ciphersuite agility, which provides flexibility on the used cryptographic algorithms and allows the systems to negotiate and use the best available option based on the security requirements, available resources, and compatibility between the communicating parties. Ciphersuite agility ensures that we will be able to provide a heightened level of security in Wire to our customers without changing the whole codebase. Essentially, having more than one ciphersuite enables the system to be more adaptable to different security scenarios, making it more resilient to attacks and vulnerabilities. Wire’s implementation of MLS also supports interoperability, adhering to open standard protocols for seamless integration with other systems and communication platforms. Wire looks forward to a future where other platforms also adopt these standards, to fully realize the potential of interoperability.

Outlook: What is the future of secure business communication

Scalability is no longer a barrier to end-to-end encryption, as MLS can easily support groups of thousands of clients, making it a better choice for organizations seeking a secure group communication solution than traditional end-to-end encryption. In conclusion, while Proteus is suitable for one-to-one and small group communication, MLS is better suited for large group communication, and is the more future-proof solution. Given that the MLS standard is being finalized along with the progressive advancements in Wire, it makes the adoption of end-to-end encryption in businesses and governments a foregone conclusion…

While the changes introduced by MLS may seem predominantly technical, they’ll certainly enable a widespread use of end-to-end encryption in the business context. When encrypted communication is as fast and seamless as non-encrypted exchanges, this will enable more and more businesses to change to more secure means.

If you’re interested in future-proofing your communications, talk to our experts.
Said El-Safadi

Said El-Safadi

Is a Business Development Manager, pushing growth through the creation of lasting relationships and strategic partnerships, followed by market analysis. Beyond business, Said is a tech enthusiast with a deep passion for cybersecurity and the development of I.T. as a whole, bridging the gap between innovation & protection.

2023_IM_HomePage2_EN-1536x1056

Subscribe to our newsletter

Latest Articles

Improved Usability: Wire's Desktop & Web Updates

Improved Usability: Wire's Desktop & Web Updates

Discover Wire's latest updates, including an improved calling UI, enhanced conversation views, read receipts, and more.

Improved Usability: Wire's Desktop & Web Updates
Marisol Vales

April 17, 2024

Product News
Digital Sovereignty: Wire and Schwarz Group announce partnership

Digital Sovereignty: Wire and Schwarz Group announce partnership

Wire and Schwarz Group announcing a strategic partnership and investment to strengthen the digital infrastructure of Europe.

Secure Communication
Hauke Gierow

April 11, 2024

Privacy
Project Ghostbuster: Why WhatsApp should not be used in business

Project Ghostbuster: Why WhatsApp should not be used in business

New allegations show why Meta apps like WhatsApp should not be used in professional circumstances.

Project Ghostbuster: Why WhatsApp should not be used in business
Hauke Gierow

March 28, 2024

Privacy