Bringing MLS into the mainstream

December 9, 2019

By Raphael Robert, Head of Security at Wire



Messaging Layer Security (MLS) has the potential to be the industry standard when it comes to enterprise collaboration.

My colleague, Alan Duric, wrote about the birth of MLS in his blog post, where he outlined how its founding members came together with a vision of transforming enterprise communication. The time, energy, and dedication of many who share a passion for developing a more secure industry standard have gone into creating the MLS working group committed to securing enterprise collaboration.

The technology pursued by this working group is significant, as it will allow enterprise employees to communicate securely across devices. By leveraging encryption, maximum flexibility and fluidity, along with its existence within the unique-to-Wire Federated environment, MLS will allow multiple companies to be part of a wider group, all while using secure private servers. A company can thus host its own server yet have the ability to talk to another server, using Wire as the go-between. At present, this is a capability that no other enterprise technology is able to provide.

In short, MLS will be able to facilitate secure collaboration between a wide group of people and is therefore vital in enterprise scenarios. Because of these groundbreaking features, MLS is poised to become the industry standard in enterprise collaboration.

Practical applications of MLS technology in the workplace

In the modern workforce, it is not uncommon for employees to use multiple devices. For example, an individual can have a mobile device, a tablet, and a laptop, all of which they use to work and communicate with people from within and outside of their organisation. Sometimes these devices don’t even belong to the company, with workers bringing their own devices (BYOD) into the workplace ecosystem through the use of personal handsets or home desktops when working remotely. The dangers that this brings in terms of cyber-security are obvious.

To keep safe when collaborating in such a modern working environment, you need strong security and state-of-the-art technology. Enter MLS.

While MLS is not designed to protect what is on these individual devices, it is able to protect the communication between them. Previous protocols did not take into account BYOD, nor the need for large-scale enterprise communications. In recent years, a number of messengers have started using the Double Ratchet Algorithm from Signal for end-to-end encryption, just like Wire. Though effective, it was only designed for one-to-one communications and is harder to deploy in group messaging situations. This is still a flaw of Signal and other messengers that has not been addressed, rendering them unable to cater for general multi-device scenarios and group messaging efficiently and securely.

In particular, the group and device management software layer that sits on top of the secure protocol is completely proprietary in all those messengers and has typically not been analysed in depth. Besides the efficiency gain, this is where MLS will be able to go beyond what Signal is able to offer by giving some cryptographic assurance of who is really a member of a group.

MLS also lessens the threat of ‘shadow IT’ within a business, when employees look to get around the restraints of IT security protocols in place by seeking out their own solutions or by using alternatives. For example, WhatsApp is a fantastic communication tool, but enterprise collaboration platforms necessitate security and control. MLS is able to mimic the ease-of-use of WhatsApp’s user experience, but for the enterprise space. This means that the adoption of MLS will make employees less likely to turn to such unauthorised, volatile, yet admittedly impressive, consumer applications.

Transparency is at the heart of MLS

A unique component of the MLS technology is that it both encrypts and makes clear to all participants who is in the group, meaning that there is no chance of ‘ghost users’. Hence, importantly, MLS is able to block foreign espionage and malicious attackers from accessing group conversations.

Critically, MLS can be utilised for groups of up to tens of thousands of members, meaning that it can be used on an enterprise scale that has not been seen before in previous protocols, which were typically restricted to the hundreds at best. As such, a barrier that has held companies back from adopting end-to-end encryption in the past is set to be removed.

Finally, the MLS working group, which Wire co-initiated, ensures that the protocol is being developed in an open environment, allowing people to comment and provide feedback on the process. Wire is also fully committed to further increasing the transparency of the product, as it works towards the goal of improving secure communications for the enterprise.

Our goal with developing and championing MLS is for it to become an open standard, so that all within the enterprise can take advantage of the security that it offers, meaning mass adoption. MLS has the potential to revolutionise the enterprise by making collaboration efficient, inexpensive and secure. If we achieve that, it will be an absolute game-changer when it comes to mainstream enterprise collaboration in particular, and secure messaging in general.
