🚨Der vorgelegte Gesetzentwurf zur "IP-Adressspeicherung" geht weit über vergangene Gesetzesentwürfe hinaus, die von deutschen und europäischen Gerichten als verfassungswidrig eingestuft wurden, und läuft völlig der eigentlichen Idee von Datenschutz und Datenminimierung zuwider.
Invitation cards in front of a notebook with a MLS sticker. AIR • No phone number or email • End-to-end encrypted • No metadata retention • Open-source • Post-quantum secure • Based on Messaging Layer Security (MLS) and open standards • EU-based
We will be at #FOSDEM and will bring something exciting: Invitation codes for the beta phase of @air.ms, our new secure messenger based on MLS! ✨
Hit @julianmair.com up if you’d like to join the beta with your friends.
Invitation cards in front of the ALL CREATURES WELCOME banner AIR • No phone number or email • End-to-end encrypted • No metadata retention • Open-source • Post-quantum secure • Based on Messaging Layer Security (MLS) and open standards • EU-based
We will be at #39C3 and we brought something exciting: Invitation codes for the beta phase of Air, our new secure messenger based on MLS! ✨
Hit us up if you’d like to join the beta with your friends.
You can also follow @air.ms, where we’ll post updates over time.
Our solution builds on research by Alwen et al., using Puncturable Pseudorandom Functions (PPRFs) to allow multiple group states to coexist securely.
This means:
- No need for a central ordering service
- Maintain Forward Secrecy even with forks
- Better support for decentralized messaging
We made MLS more decentralized! We are excited to share DMLS that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
🚨 Der Gesetzentwurf zur #Chatkontrolle sieht vor, dass digitale Kommunikation einschließlich verschlüsselter Nachrichten und Fotos gescannt werden soll.
Wir haben uns an die deutsche Bundesregierung gewandt, sich am 14. Oktober gegen den Gesetzesvorschlag der Chatkontrolle auszusprechen.
We did a thing. We combined TLS and MLS into a hybrid protocol.
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
We are #hiring a Freelance Junior Product Manager to help us build the next generation of private & secure messaging.
If you’re interested in joining our team, please apply today!
For friends of secure messaging 🥷, please share our post with potential candidates.
Happy to announce that I’ll be speaking at @passthesaltcon.bsky.social on July 2nd!
I’ll discuss end-to-end encryption with MLS, the growing MLS ecosystem, the MIMI IETF working group, and metadata protection.
It’s my first time attending, and I look forward to connecting with the French community!
The MLS Architecture document – the companion document to the MLS Protocol document – is now finally available as RFC 9750:
www.rfc-editor.org/info/rfc9750
MLS is efficient, but what does that mean in practice?
This paper sheds some light on the question by building a test framework for OpenMLS.
arxiv.org/pdf/2502.18303
We are happy @opentechfund.bsky.social is supporting our mission to bridge the gap in the secure messenger space by developing a new technological foundation for secure and private messaging that combines functional, privacy, and security features in a way that addresses a variety of threat models.
A good part of the team joined the #38C3 which was a good way to end the year. 2025 will be an exciting year for us, we will share updates about our work along the way. You can follow us here or subscribe to our blog at blog.phnx.im/#/portal/signup.
(🧵2/2)
📸 Leah Oswald (CC BY-SA 2.0)
Happy New Year! Phoenix R&D enters 2025 with some good news! Over the last few months we have doubled our team size, which will help us shorten our development cycles.
We are excited about the new research projects. These projects also allow us to further diversify our sources of income.
(🧵1/2)
This weekend, @raphaelrobert.bsky.social and @julianmair.com are joining the #GlobalGathering.
We will be hosting a booth and circle on Saturday to discuss the current state of privacy preserving and decentralized messengers.
We look forward to seeing you at there! Feel free to ping us!
We #hiring a full-time and a freelance Senior Rust Engineer to help us build the next generation of private & secure messaging.
If you’re interested in joining our team, please apply today! For friends of secure messaging 🥷, please share our post with potential candidates.
- Prospective integration in platforms, like Firefox and Android
- Metadata protection in MLS
- Using MLS as a general purpose key establishment mechanism beyond messaging in e.g.: video conferencing, password managers, hypervisors, enclaves, etc.
(🧵2/2)
Raphael Robert standing on RWC stage
We attended the Real World Crypto Symposium in Toronto 🇨🇦 where @raphaelrobert.bsky.social talked about how far MLS has come since RWC 2019.
Highlights:
- Post-quantum resistance and how easy it is to upgrade from current schemes
- Deployment in existing products like Webex and Discord
(🧵1/2)
WhatsApp shared first details on how they will comply with the #DMA. We are critical of the Signal protocol, as there has never been a complete specification that allows secure implementation of the protocol. This was one of the main reasons to develop MLS.
Our conversation with @netzpolitik.org👇
In case you missed our talk about Messaging Layer Security (MLS) at #37C3, you can re-watch it now.
MLS brings substantial improvements in performance and security compared to existing protocols.
#securemessaging #encryption #e2ee #messaginglayersecurity
Raphael presenting MLS at 37C3
We ended 2023 with a talk at #37C3. @raphaelrobert.bsky.social and Konrad presented Messaging Layer Security (MLS).
The room was packed and some people couldn't attend – luckily the talk is now online.
🍿 media.ccc.de/v/37c3-12064...
#securemessaging #encryption #e2ee #messaginglayersecurity
Today at #37c3, 3:45pm, Konrad and I will give a talk in hall Zuse about Messaging Layer Security (MLS).
They call it RFC 9420, we say MLS: A new IETF standard for end-to-end encryption, bringing improvements in performance and security.
👉 fahrplan.events.ccc.de/congress/202...
@julianmair.com will be buzzing through the corridors and can be reached via DECT at 4109. If you want to talk about secure messaging or E2EE, let us know!
Picture from the train with a computer on the table with an open presentation: "RFC 9420 - or how to scale end-to-end encryption with Messaging Layer Security (MLS)".
We are very excited to be at #37c3 in Hamburg after a long pandemic break. On day 3 (29.12., 3:45pm), @raphaelrobert.bsky.social and Konrad will give a talk on “RFC 9420 – or how to scale end-to-end encryption with Messaging Layer Security (MLS)”
👉 fahrplan.events.ccc.de/congress/202...
After @netzpolitik.org’s recent investigation into surveillance through push notifications, many people have been concerned about how their own privacy is affected when using messengers anonymously.
In this blog post we examined the problem and what to do about it. Check it out 👇
Check out our blog post where we examine the push notification problem and address potential misconceptions!
In the wake of recent reports on surveillance via push notifications, many people have been confused about it and how it affects their own privacy when using messengers anonymously.
First impactful measure following last week's splash about push notification surveillance:
www.reuters.com/technology/a...
Let's make this crystal clear: If you think you are anonymous because you
- used a throwaway number for Signal
- picked a completely random username for Wire/Matrix
- were given a random username with Threema/Session
YOU ARE NOT! You can be identified by the push tokens.
