Lib.rs

Cryptography
#end-to-end-encryption #security #mls #e2ee #crypto #user-defined

no-std mls-rs

An implementation of Messaging Layer Security (RFC 9420)

by Tom Leavy, mulmarta, Stephane Raux and 10 contributors

27 releases (11 breaking)

0.45.0 Feb 6, 2025
0.43.2 Dec 23, 2024
0.43.1 Nov 28, 2024
0.41.0 Jul 24, 2024
0.35.0 Nov 20, 2023

#87 in Cryptography

Download history 134/week @ 2024-10-23 11/week @ 2024-10-30 232/week @ 2024-11-06 75/week @ 2024-11-13 197/week @ 2024-11-20 141/week @ 2024-11-27 90/week @ 2024-12-04 122/week @ 2024-12-11 182/week @ 2024-12-18 202/week @ 2024-12-25 1355/week @ 2025-01-01 2121/week @ 2025-01-08 2104/week @ 2025-01-15 1971/week @ 2025-01-22 1822/week @ 2025-01-29 1606/week @ 2025-02-05

7,964 downloads per month
Used in 2 crates

Apache-2.0 OR MIT

1.5MB
38K SLoC

mls-rs   Build Status Latest Version API Documentation codecov

An implementation of the IETF Messaging Layer Security end-to-end encryption (E2EE) protocol.

What is MLS?

MLS is a new IETF end-to-end encryption standard that is designed to provide transport agnostic, asynchronous, and highly performant communication between a group of clients.

MLS Protocol Features

  • Multi-party E2EE group evolution via a propose-then-commit mechanism.
  • Asynchronous by design with pre-computed key packages, allowing members to be added to a group while offline.
  • Customizable credential system with built in support for X.509 certificates.
  • Extension system allowing for application specific data to be negotiated via the protocol.
  • Strong forward secrecy and post compromise security.
  • Crypto agility via support for multiple cipher suites.
  • Pre-shared key support.
  • Subgroup branching.
  • Group reinitialization for breaking changes such as protocol upgrades.

Features

  • Easy to use client interface that can manage multiple MLS identities and groups.
  • 100% RFC 9420 conformance with support for all default credential, proposal, and extension types.
  • Support for WASM builds.
  • Configurable storage for key packages, secrets and group state via traits along with provided "in memory" and SQLite implementations.
  • Support for custom user proposal and extension types.
  • Ability to create user defined credentials with custom validation routines that can bridge to existing credential schemes.
  • OpenSSL and Rust Crypto based cipher suite implementations.
  • Crypto agility with support for user defined cipher suite.
  • Extensive test suite including security and interop focused tests against pre-computed test vectors.

Crypto Providers

For cipher suite descriptions see the RFC documentation here

Name Cipher Suites X509 Support
OpenSSL 1-7 Stable
AWS-LC 1,2,3,5,7 Stable
Rust Crypto 1,2,3 ⚠️ Experimental
Web Crypto ⚠️ Experimental 2,5,7 Unsupported
CryptoKit 1,2,3,5,7 Unsupported

Security Notice

This library has been validated for conformance to the RFC 9420 specification but has not yet received a full security audit by a 3rd party.

License

This library is licensed under the Apache-2.0 or the MIT License.

Dependencies

~2.3–8.5MB
~156K SLoC