“The Signal protocol is used by two parties to exchange encrypted messages based on a shared secret key.”

“Messaging Layer Security (MLS) is a security layer for encrypting messages in groups ranging from two to many.”

So, it might seem logical to conclude that "the MLS protocol is a superset of the Signal protocol, and the Signal protocol is a subset of the MLS protocol. Whether it's one-on-one private chats, small group chats, or large group chats, the MLS protocol alone could be used to implement them."

However, this seemingly logical conclusion is incorrect.

The MLS protocol is not as efficient as the Signal protocol for implementing one-on-one chats and small group chats.

Assume a two-person MLS group and a one-on-one chat using the Signal protocol, both required to give the same guarantees: forward secrecy for every message, and post-compromise security (often called backward secrecy) each time the conversation changes direction.

In the MLS group, forward secrecy on its own is cheap: application message keys come from a symmetric key schedule and each key is deleted after use. Post-compromise security, however, requires advancing the epoch with an Update carried in a Commit, and a Commit is a separate handshake message that an application message cannot carry. Matching Signal's per-turn ratchet therefore costs two messages per turn: the Commit plus the application message itself.

In contrast, Signal's Double Ratchet performs its DH ratchet step inside the application message: the sender's fresh ratchet public key travels in the message header, so a one-on-one chat injects new DH entropy on every turn without any additional message.

nostr:note13hk6h6c9zrpndsvy08tr0xlvz45jfj2twfl3tp03jt08sv6kcxmqx34nax
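To make the message count concrete, here is an added Python model of both exchanges (not code from this note, from Signal, or from any MLS implementation). It runs a two-party conversation for a few alternating turns, requiring fresh DH entropy every turn, and counts what goes over the wire. Assumptions made for the demo: HMAC-SHA256 stands in for HKDF, a toy discrete-log group modulo 2^127-1 stands in for X25519 and HPKE, and the MLS secret tree is collapsed to one chain per sender; none of this is secure, it only models who has to send which message.

```python
import hashlib
import hmac
import secrets

# Toy DH group. ASSUMPTION: demo only; real deployments use X25519 (Signal) and
# HPKE (MLS). Nothing here is secure, it only models who must send what.
P = 2**127 - 1
G = 5


def kdf(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()  # HKDF stand-in


def dh_keypair():
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def dh(priv: int, pub: int) -> bytes:
    return pow(pub, priv, P).to_bytes(16, "big")


class DoubleRatchetParty:
    """Double Ratchet reduced to the DH ratchet plus one chain per direction.
    The fresh ratchet public key rides in the message header: no extra message."""

    def __init__(self, root_key, own_kp, peer_pub):
        self.rk, (self.dh_priv, self.dh_pub), self.peer_pub = root_key, own_kp, peer_pub
        self.ck_s = self.ck_r = None  # ck_s None means "DH-ratchet before sending"

    def send(self):
        if self.ck_s is None:  # DH ratchet step, folded into the root key
            self.dh_priv, self.dh_pub = dh_keypair()
            d = kdf(self.rk, dh(self.dh_priv, self.peer_pub))
            self.rk, self.ck_s = d[:16], d[16:]
        mk, self.ck_s = kdf(self.ck_s, b"msg"), kdf(self.ck_s, b"chain")
        return self.dh_pub, mk  # one wire message: header (ratchet pub) + body

    def recv(self, header_pub):
        if header_pub != self.peer_pub:  # peer ratcheted: derive receive chain
            self.peer_pub = header_pub
            d = kdf(self.rk, dh(self.dh_priv, self.peer_pub))
            self.rk, self.ck_r = d[:16], d[16:]
            self.ck_s = None  # our next send performs our own DH step
        mk, self.ck_r = kdf(self.ck_r, b"msg"), kdf(self.ck_r, b"chain")
        return mk


class MlsMember:
    """Two-member MLS group reduced to an epoch secret and one application chain
    per sender (secret tree collapsed). Post-compromise security needs an Update
    inside a Commit, which is a separate handshake message."""

    def __init__(self, epoch_secret, own_kp, peer_leaf_pub, index):
        self.leaf_priv, self.leaf_pub = own_kp
        self.peer_leaf_pub, self.index = peer_leaf_pub, index
        self._enter_epoch(epoch_secret)

    def _enter_epoch(self, epoch_secret):
        self.epoch_secret = epoch_secret
        self.chains = {i: kdf(epoch_secret, b"sender-%d" % i) for i in (0, 1)}

    def commit(self):  # Commit carrying an Update: new leaf key + path secret
        self.leaf_priv, self.leaf_pub = dh_keypair()
        path_secret = secrets.token_bytes(16)
        eph_priv, eph_pub = dh_keypair()  # toy HPKE: DH-derived mask to peer's leaf
        mask = kdf(dh(eph_priv, self.peer_leaf_pub), b"hpke")[:16]
        self._enter_epoch(kdf(self.epoch_secret, path_secret))
        return self.leaf_pub, eph_pub, bytes(a ^ b for a, b in zip(path_secret, mask))

    def process_commit(self, commit):
        self.peer_leaf_pub, eph_pub, enc_path = commit
        mask = kdf(dh(self.leaf_priv, eph_pub), b"hpke")[:16]
        self._enter_epoch(kdf(self.epoch_secret, bytes(a ^ b for a, b in zip(enc_path, mask))))

    def app_key(self, sender):  # symmetric step only: per-message FS, no extra message
        mk, self.chains[sender] = kdf(self.chains[sender], b"msg"), kdf(self.chains[sender], b"chain")
        return mk


def simulate(turns: int) -> dict:
    """Alternate speakers; every turn must inject fresh DH entropy (post-compromise
    security). Returns wire-message counts after checking both sides agree on keys."""
    rk, es = secrets.token_bytes(16), secrets.token_bytes(16)
    a_kp, b_kp, la, lb = dh_keypair(), dh_keypair(), dh_keypair(), dh_keypair()
    alice, bob = DoubleRatchetParty(rk, a_kp, b_kp[1]), DoubleRatchetParty(rk, b_kp, None)
    m0, m1 = MlsMember(es, la, lb[1], 0), MlsMember(es, lb, la[1], 1)
    counts = {"signal": 0, "mls": 0}
    for t in range(turns):
        s, r = (alice, bob) if t % 2 == 0 else (bob, alice)
        header, mk = s.send()
        counts["signal"] += 1
        assert r.recv(header) == mk
        cs, cr = (m0, m1) if t % 2 == 0 else (m1, m0)
        cr.process_commit(cs.commit())  # handshake message (Commit)
        counts["mls"] += 1
        mk = cs.app_key(cs.index)  # application message
        counts["mls"] += 1
        assert cr.app_key(cs.index) == mk
    return counts
```

`simulate(4)` returns `{'signal': 4, 'mls': 8}`: the Double Ratchet side pays nothing extra for its DH step because the ratchet key is part of the message, while the MLS side needs a Commit before each application message. Dropping the `commit()` call brings MLS down to one message per turn, but then only the symmetric chain advances and the group has forward secrecy without post-compromise security, which is the trade-off the note is pointing at.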


Discussion

Oh, if that's the case, using the Signal protocol for one-on-one chats only requires sending one message, while using the MLS protocol requires sending two messages? What do you think? nostr:npub1zuuajd7u3sx8xu92yav9jwxpr839cs0kc3q6t56vd5u9q033xmhsk6c2uc

Does it matter? The extra overhead of sending a single extra event to the server is negligible...

I'm really confused as to why the nostr:npub1h0uj825jgcr9lzxyp37ehasuenq070707pj63je07n8mkcsg3u0qnsrwx8 folks keep banging on about it. As a dev, would I prefer to implement two entirely different protocols or just one that handles DMs and Groups and can do so in a secure way?!