Messaging Layer Security in Rust

Overview

RMLS is a Rust implementation of the Messaging Layer Security (MLS) protocol, as specified in RFC 9420. Messaging Layer Security (MLS) is a key establishment protocol that provides efficient asynchronous group key establishment with forward secrecy (FS) and post-compromise security (PCS) for groups in size ranging from two to thousands.

Supported CipherSuites

• MLS_128_HPKEX25519_AES128GCM_SHA256_Ed25519
• MLS_128_DHKEMP256_AES128GCM_SHA256_P256
• MLS_128_HPKEX25519_CHACHA20POLY1305_SHA256_Ed25519

Supported Platforms

RMLS is built and tested on the Github CI for the following rust targets:

• x86_64-unknown-linux-gnu
• i686-unknown-linux-gnu
• x86_64-pc-windows-msvc
• i686-pc-windows-msvc
• x86_64-apple-darwin

The Github CI also builds (but doesn't test) the following rust targets:

• aarch64-apple-darwin
• aarch64-unknown-linux-gnu
• aarch64-linux-android
• aarch64-apple-ios
• aarch64-apple-ios-sim
• wasm32-unknown-unknown
• armv7-linux-androideabi
• x86_64-linux-android
• i686-linux-android

Cryptography Dependencies

RMLS does not implement its own cryptographic primitives. Instead, it relies on existing implementations of the cryptographic primitives, i.e., ring or RustCrypto. There are two cryptography providers implemented right now:

• ring based crypto provider
• RustCrypto based crypto provider

Other cryptography providers, like openssl or boring, are also possible, see CryptoProvider Trait for more details.

Open Source License

Dual licensing under both MIT and Apache-2.0 is the currently accepted standard by the Rust language community and has been used for both the compiler and many public libraries since (see https://doc.rust-lang.org/1.6.0/complement-project-faq.html#why-dual-mitasl2-license). In order to match the community standards, RMLS is using the dual MIT+Apache-2.0 license.

Contributing

Contributors or Pull Requests are Welcome!!!