keychat on Nostr: “The Signal protocol is used by two parties to exchange encrypted messages based on ...
“The Signal protocol is used by two parties to exchange encrypted messages based on a shared secret key.”
“Messaging Layer Security (MLS) is a security layer for encrypting messages in groups ranging from two to many.”
So, it might seem logical to conclude that "the MLS protocol is a superset of the Signal protocol, and the Signal protocol is a subset of the MLS protocol. Whether it's one-on-one private chats, small group chats, or large group chats, the MLS protocol alone could be used to implement them."
However, this seemingly logical conclusion is incorrect.
The MLS protocol is not as efficient as the Signal protocol for implementing one-on-one chats and small group chats.
Assume a two-person MLS group chat and a one-on-one chat using the Signal protocol, both achieving the same level of security.
In the MLS group, each message sent requires an additional message to update the encryption key (with forward secrecy and backward secrecy capabilities).
In contrast, one-on-one chats using the Signal protocol do not require this additional message to update the encryption key (with forward secrecy and backward secrecy capabilities).
quoting note13hk…4nax
The Signal protocol and the MLS (Message Layer Security) protocol are both designed for end-to-end encryption of messages.
The Signal protocol is particularly suited for one-on-one chats and small groups. On the other hand, the MLS protocol is more appropriate for larger groups.
Both can be implemented on Nostr.
If you are interested in understanding the basic principles of these protocols, I highly recommend the following two videos:
https://youtu.be/7uEeE3TUqmU
https://youtu.be/FESp2LHd42U