Messaging Layer Security
Messaging Layer Security is an Internet standard for asynchronous group key agreement. It supplies E2EE key establishment with PFS and PCS for groups ranging from two clients to very large memberships.
Scope
MLS represents group members as leaves in a tree. Membership changes advance the group to a new epoch, allowing key updates to scale more efficiently than encrypting every group operation separately for every member.
The protocol does not define a complete messenger. RFC 9750 explicitly leaves delivery, application content, identity and authentication infrastructure, metadata handling, backups, and user-facing verification to the embedding system. Cryptographic interoperability therefore does not ensure application or identity interoperability.
Security boundary
MLS protects application data against a compromised delivery service, but assumes that another layer protects transport metadata from ordinary network observers. Endpoint compromise, credential replacement, message suppression, and insider replay require system-level handling.
Jaeger and Kumar group chat encryption analysis identifies replay and reordering attacks available to group insiders in the analyzed construction. Secure and decentralized communication stacks uses MLS to distinguish a cryptographic substrate from a deployed communication product.