search

bcgit / bc-java

Bouncy Castle Java Distribution (Mirror)
https://www.bouncycastle.org/java.html
MIT License
2.22k stars 1.1k forks source link

New Feature: Messaging Layer Security #1317

Open bifurcation opened 1 year ago

bifurcation commented 1 year ago

The IETF is close to finalizing a specification for Messaging Layer Security, an efficient and well-vetted group key management protocol, in particular for use in end-to-end encryption systems. There is a small but growing ecosystem of MLS implementations. Draft versions of MLS has been deployed in production for E2E encryption in Webex and RingCentral.

As MLS expands into more environments that rely on Java and Kotlin, it would be helpful to have a widely available MLS library in those languages, for much the same reasons that motivate the TLS functionality in BouncyCastle. The proposal here would be to add an mls module parallel to the tls module.

For context: I am the lead maintainer on the Cisco C++ MLS implementation, and would be glad to contribute to work on this issue. But before doing that, I wanted to file an issue to get feedback on how folks would feel about including this functionality in BouncyCastle.

dghgit commented 1 year ago

Hi, sorry for the delay in getting back. Yes, we'd be happy to add this to Bouncy Castle. What did you have in mind? Thanks.

bifurcation commented 1 year ago

Great, glad to hear it! In terms of what I have in mind: To first order, implementing the MLS specification, in terms of the message formats and cryptography.

The main question in my mind is the API, which is less clear cut than in the TLS case, since it's a group thing and not merely a socket abstraction (there's nothing like JSSE to look to for inspiration). There are a couple of design patterns emerging if you look at some of the other existing implementations:

I suspect that the right answer will be "both". There are use cases for both; sometimes you want something easy to use, but sometimes you need more control. And the obvious way to build the high-level one is to build using the low-level one, so it's mainly a question of whether the low-level one gets exposed.

In any case, feedback / guidance would be very welcome (in general, not just on the API). I'm new to BC and not all that fluent in Java idioms. I have started some work in a branch of a fork, but that only has a few low-level things at the moment.