Phoenix R&D
@phoenixrd.bsky.social
We Build Secure Communication Solutions
We made MLS more decentralized! We are excited to share DMLS that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
Making MLS more decentralized
It’s no secret that we at Phoenix R&D are big fans of the Messaging Layer Security (MLS) protocol, having helped it to come into existence. It’s a versatile group key agreement and messaging protocol ...
blog.phnx.im
October 29, 2025 at 9:36 AM
We made MLS more decentralized! We are excited to share DMLS that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
🚨 Der Gesetzentwurf zur #Chatkontrolle sieht vor, dass digitale Kommunikation einschließlich verschlüsselter Nachrichten und Fotos gescannt werden soll.
Wir haben uns an die deutsche Bundesregierung gewandt, sich am 14. Oktober gegen den Gesetzesvorschlag der Chatkontrolle auszusprechen.
Wir haben uns an die deutsche Bundesregierung gewandt, sich am 14. Oktober gegen den Gesetzesvorschlag der Chatkontrolle auszusprechen.
Unser Brandbrief zur geplanten Chatkontrolle – eine Gefährdung der digitalen Sicherheit Deutschlands | Phoenix R&D
🚨Der Gesetzentwurf zur #Chatkontrolle sieht vor, dass digitale Kommunikation einschließlich verschlüsselter Nachrichten und Fotos gescannt werden soll.
Die Sicherheit von sicheren Messenger-Diensten ...
www.linkedin.com
October 6, 2025 at 8:02 PM
🚨 Der Gesetzentwurf zur #Chatkontrolle sieht vor, dass digitale Kommunikation einschließlich verschlüsselter Nachrichten und Fotos gescannt werden soll.
Wir haben uns an die deutsche Bundesregierung gewandt, sich am 14. Oktober gegen den Gesetzesvorschlag der Chatkontrolle auszusprechen.
Wir haben uns an die deutsche Bundesregierung gewandt, sich am 14. Oktober gegen den Gesetzesvorschlag der Chatkontrolle auszusprechen.
We did a thing. We combined TLS and MLS into a hybrid protocol.
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
Combining TLS and MLS: An experiment
We did a thing. We combined TLS and MLS into a hybrid protocol. Of course, when things get serious, full names are in order: We combined the Transport Layer Security protocol and the Messaging Layer S...
blog.phnx.im
July 2, 2025 at 8:06 AM
We did a thing. We combined TLS and MLS into a hybrid protocol.
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
We are #hiring a Freelance Junior Product Manager to help us build the next generation of private & secure messaging.
If you’re interested in joining our team, please apply today!
For friends of secure messaging 🥷, please share our post with potential candidates.
If you’re interested in joining our team, please apply today!
For friends of secure messaging 🥷, please share our post with potential candidates.
Phoenix R&D (Remote): Freelance Junior Product Manager (all genders, part-time)
Phoenix R&D GmbH has a remote job opening for Freelance Junior Product Manager (all genders, part-time) (published: 15.05.2025). Apply now or check the other available jobs.
join.com
May 15, 2025 at 9:51 AM
We are #hiring a Freelance Junior Product Manager to help us build the next generation of private & secure messaging.
If you’re interested in joining our team, please apply today!
For friends of secure messaging 🥷, please share our post with potential candidates.
If you’re interested in joining our team, please apply today!
For friends of secure messaging 🥷, please share our post with potential candidates.
Reposted by Phoenix R&D
Happy to announce that I’ll be speaking at @passthesaltcon.bsky.social on July 2nd!
I’ll discuss end-to-end encryption with MLS, the growing MLS ecosystem, the MIMI IETF working group, and metadata protection.
It’s my first time attending, and I look forward to connecting with the French community!
I’ll discuss end-to-end encryption with MLS, the growing MLS ecosystem, the MIMI IETF working group, and metadata protection.
It’s my first time attending, and I look forward to connecting with the French community!
May 14, 2025 at 8:08 AM
Happy to announce that I’ll be speaking at @passthesaltcon.bsky.social on July 2nd!
I’ll discuss end-to-end encryption with MLS, the growing MLS ecosystem, the MIMI IETF working group, and metadata protection.
It’s my first time attending, and I look forward to connecting with the French community!
I’ll discuss end-to-end encryption with MLS, the growing MLS ecosystem, the MIMI IETF working group, and metadata protection.
It’s my first time attending, and I look forward to connecting with the French community!
Reposted by Phoenix R&D
The MLS Architecture document – the companion document to the MLS Protocol document – is now finally available as RFC 9750:
www.rfc-editor.org/info/rfc9750
www.rfc-editor.org/info/rfc9750
Information on RFC 9750 » RFC Editor
www.rfc-editor.org
April 22, 2025 at 9:08 PM
The MLS Architecture document – the companion document to the MLS Protocol document – is now finally available as RFC 9750:
www.rfc-editor.org/info/rfc9750
www.rfc-editor.org/info/rfc9750
Reposted by Phoenix R&D
MLS is efficient, but what does that mean in practice?
This paper sheds some light on the question by building a test framework for OpenMLS.
arxiv.org/pdf/2502.18303
This paper sheds some light on the question by building a test framework for OpenMLS.
arxiv.org/pdf/2502.18303
arxiv.org
February 27, 2025 at 12:18 AM
MLS is efficient, but what does that mean in practice?
This paper sheds some light on the question by building a test framework for OpenMLS.
arxiv.org/pdf/2502.18303
This paper sheds some light on the question by building a test framework for OpenMLS.
arxiv.org/pdf/2502.18303
We are happy @opentechfund.bsky.social is supporting our mission to bridge the gap in the secure messenger space by developing a new technological foundation for secure and private messaging that combines functional, privacy, and security features in a way that addresses a variety of threat models.
Check out @opentechfund.bsky.social’s new Impacts & Outcomes page to learn about key results from our work!
Impacts and Outcomes
We have supported pioneering open source internet freedom technologies that counter authoritarian information controls and enhance digital security and privacy so that all people can exercise their fundamental...
buff.ly
January 21, 2025 at 1:17 PM
We are happy @opentechfund.bsky.social is supporting our mission to bridge the gap in the secure messenger space by developing a new technological foundation for secure and private messaging that combines functional, privacy, and security features in a way that addresses a variety of threat models.
Happy New Year! Phoenix R&D enters 2025 with some good news! Over the last few months we have doubled our team size, which will help us shorten our development cycles.
We are excited about the new research projects. These projects also allow us to further diversify our sources of income.
(🧵1/2)
We are excited about the new research projects. These projects also allow us to further diversify our sources of income.
(🧵1/2)
January 7, 2025 at 10:05 AM
Happy New Year! Phoenix R&D enters 2025 with some good news! Over the last few months we have doubled our team size, which will help us shorten our development cycles.
We are excited about the new research projects. These projects also allow us to further diversify our sources of income.
(🧵1/2)
We are excited about the new research projects. These projects also allow us to further diversify our sources of income.
(🧵1/2)
This weekend, @raphaelrobert.bsky.social and @julianmair.com are joining the #GlobalGathering.
We will be hosting a booth and circle on Saturday to discuss the current state of privacy preserving and decentralized messengers.
We look forward to seeing you at there! Feel free to ping us!
We will be hosting a booth and circle on Saturday to discuss the current state of privacy preserving and decentralized messengers.
We look forward to seeing you at there! Feel free to ping us!
September 26, 2024 at 12:21 PM
This weekend, @raphaelrobert.bsky.social and @julianmair.com are joining the #GlobalGathering.
We will be hosting a booth and circle on Saturday to discuss the current state of privacy preserving and decentralized messengers.
We look forward to seeing you at there! Feel free to ping us!
We will be hosting a booth and circle on Saturday to discuss the current state of privacy preserving and decentralized messengers.
We look forward to seeing you at there! Feel free to ping us!
We #hiring a full-time and a freelance Senior Rust Engineer to help us build the next generation of private & secure messaging.
If you’re interested in joining our team, please apply today! For friends of secure messaging 🥷, please share our post with potential candidates.
If you’re interested in joining our team, please apply today! For friends of secure messaging 🥷, please share our post with potential candidates.
Jobs at Phoenix R&D GmbH | JOIN
Jobs at Phoenix R&D GmbH. Browse all open positions and become part of our growing team! We are currently looking for additions to our company. Apply today!
join.com
September 4, 2024 at 10:50 AM
We #hiring a full-time and a freelance Senior Rust Engineer to help us build the next generation of private & secure messaging.
If you’re interested in joining our team, please apply today! For friends of secure messaging 🥷, please share our post with potential candidates.
If you’re interested in joining our team, please apply today! For friends of secure messaging 🥷, please share our post with potential candidates.
We attended the Real World Crypto Symposium in Toronto 🇨🇦 where @raphaelrobert.bsky.social talked about how far MLS has come since RWC 2019.
Highlights:
- Post-quantum resistance and how easy it is to upgrade from current schemes
- Deployment in existing products like Webex and Discord
(🧵1/2)
Highlights:
- Post-quantum resistance and how easy it is to upgrade from current schemes
- Deployment in existing products like Webex and Discord
(🧵1/2)
March 28, 2024 at 9:24 AM
We attended the Real World Crypto Symposium in Toronto 🇨🇦 where @raphaelrobert.bsky.social talked about how far MLS has come since RWC 2019.
Highlights:
- Post-quantum resistance and how easy it is to upgrade from current schemes
- Deployment in existing products like Webex and Discord
(🧵1/2)
Highlights:
- Post-quantum resistance and how easy it is to upgrade from current schemes
- Deployment in existing products like Webex and Discord
(🧵1/2)
WhatsApp shared first details on how they will comply with the #DMA. We are critical of the Signal protocol, as there has never been a complete specification that allows secure implementation of the protocol. This was one of the main reasons to develop MLS.
Our conversation with @netzpolitik.org👇
Our conversation with @netzpolitik.org👇
Interoperabilität: WhatsApp soll bald mit anderen Messengern reden können – netzpolitik.org
Wegen neuer Regeln in der EU muss WhatsApp sich so öffnen, dass die Nutzer:innen auch mit Kontakten auf anderen Messengern kommunizieren können. Nun hat WhatsApp erste Details verraten, wie das gehen soll. Doch grundsätzliche Probleme bleiben.
netzpolitik.org
February 9, 2024 at 9:25 AM
WhatsApp shared first details on how they will comply with the #DMA. We are critical of the Signal protocol, as there has never been a complete specification that allows secure implementation of the protocol. This was one of the main reasons to develop MLS.
Our conversation with @netzpolitik.org👇
Our conversation with @netzpolitik.org👇
In case you missed our talk about Messaging Layer Security (MLS) at #37C3, you can re-watch it now.
MLS brings substantial improvements in performance and security compared to existing protocols.
#securemessaging #encryption #e2ee #messaginglayersecurity
MLS brings substantial improvements in performance and security compared to existing protocols.
#securemessaging #encryption #e2ee #messaginglayersecurity
RFC 9420 or how to scale end-to-end encryption with Messaging Layer Security
They call it RFC 9420, we say MLS: A new IETF standard for end-to-end encryption was published in July and brings large improvements in p...
media.ccc.de
January 9, 2024 at 9:35 AM
In case you missed our talk about Messaging Layer Security (MLS) at #37C3, you can re-watch it now.
MLS brings substantial improvements in performance and security compared to existing protocols.
#securemessaging #encryption #e2ee #messaginglayersecurity
MLS brings substantial improvements in performance and security compared to existing protocols.
#securemessaging #encryption #e2ee #messaginglayersecurity
We ended 2023 with a talk at #37C3. @raphaelrobert.bsky.social and Konrad presented Messaging Layer Security (MLS).
The room was packed and some people couldn't attend – luckily the talk is now online.
🍿 media.ccc.de/v/37c3-12064...
#securemessaging #encryption #e2ee #messaginglayersecurity
The room was packed and some people couldn't attend – luckily the talk is now online.
🍿 media.ccc.de/v/37c3-12064...
#securemessaging #encryption #e2ee #messaginglayersecurity
January 3, 2024 at 9:25 AM
We ended 2023 with a talk at #37C3. @raphaelrobert.bsky.social and Konrad presented Messaging Layer Security (MLS).
The room was packed and some people couldn't attend – luckily the talk is now online.
🍿 media.ccc.de/v/37c3-12064...
#securemessaging #encryption #e2ee #messaginglayersecurity
The room was packed and some people couldn't attend – luckily the talk is now online.
🍿 media.ccc.de/v/37c3-12064...
#securemessaging #encryption #e2ee #messaginglayersecurity
Reposted by Phoenix R&D
Today at #37c3, 3:45pm, Konrad and I will give a talk in hall Zuse about Messaging Layer Security (MLS).
They call it RFC 9420, we say MLS: A new IETF standard for end-to-end encryption, bringing improvements in performance and security.
👉 fahrplan.events.ccc.de/congress/202...
They call it RFC 9420, we say MLS: A new IETF standard for end-to-end encryption, bringing improvements in performance and security.
👉 fahrplan.events.ccc.de/congress/202...
Lecture: RFC 9420 or how to scale end-to-end encryption with Messaging Layer Security | Friday | Sch...
fahrplan.events.ccc.de
December 29, 2023 at 12:25 PM
Today at #37c3, 3:45pm, Konrad and I will give a talk in hall Zuse about Messaging Layer Security (MLS).
They call it RFC 9420, we say MLS: A new IETF standard for end-to-end encryption, bringing improvements in performance and security.
👉 fahrplan.events.ccc.de/congress/202...
They call it RFC 9420, we say MLS: A new IETF standard for end-to-end encryption, bringing improvements in performance and security.
👉 fahrplan.events.ccc.de/congress/202...
We are very excited to be at #37c3 in Hamburg after a long pandemic break. On day 3 (29.12., 3:45pm), @raphaelrobert.bsky.social and Konrad will give a talk on “RFC 9420 – or how to scale end-to-end encryption with Messaging Layer Security (MLS)”
👉 fahrplan.events.ccc.de/congress/202...
👉 fahrplan.events.ccc.de/congress/202...
December 26, 2023 at 1:36 PM
We are very excited to be at #37c3 in Hamburg after a long pandemic break. On day 3 (29.12., 3:45pm), @raphaelrobert.bsky.social and Konrad will give a talk on “RFC 9420 – or how to scale end-to-end encryption with Messaging Layer Security (MLS)”
👉 fahrplan.events.ccc.de/congress/202...
👉 fahrplan.events.ccc.de/congress/202...
After @netzpolitik.org’s recent investigation into surveillance through push notifications, many people have been concerned about how their own privacy is affected when using messengers anonymously.
In this blog post we examined the problem and what to do about it. Check it out 👇
In this blog post we examined the problem and what to do about it. Check it out 👇
On the privacy of push notifications
Push notifications are a mechanism through which applications can send and display notifications to users of smartphones. The infrastructure that drives these notifications in the background is a comp...
blog.phnx.im
December 20, 2023 at 3:49 PM
After @netzpolitik.org’s recent investigation into surveillance through push notifications, many people have been concerned about how their own privacy is affected when using messengers anonymously.
In this blog post we examined the problem and what to do about it. Check it out 👇
In this blog post we examined the problem and what to do about it. Check it out 👇
Check out our blog post where we examine the push notification problem and address potential misconceptions!
In the wake of recent reports on surveillance via push notifications, many people have been confused about it and how it affects their own privacy when using messengers anonymously.
In the wake of recent reports on surveillance via push notifications, many people have been confused about it and how it affects their own privacy when using messengers anonymously.
On the privacy of push notifications
Push notifications are a mechanism through which applications can send and display notifications to users of smartphones. The infrastructure that drives these notifications in the background is a comp...
blog.phnx.im
December 20, 2023 at 11:01 AM
Check out our blog post where we examine the push notification problem and address potential misconceptions!
In the wake of recent reports on surveillance via push notifications, many people have been confused about it and how it affects their own privacy when using messengers anonymously.
In the wake of recent reports on surveillance via push notifications, many people have been confused about it and how it affects their own privacy when using messengers anonymously.
Reposted by Phoenix R&D
First impactful measure following last week's splash about push notification surveillance:
www.reuters.com/technology/a...
www.reuters.com/technology/a...
December 13, 2023 at 2:01 PM
First impactful measure following last week's splash about push notification surveillance:
www.reuters.com/technology/a...
www.reuters.com/technology/a...
Reposted by Phoenix R&D
Let's make this crystal clear: If you think you are anonymous because you
- used a throwaway number for Signal
- picked a completely random username for Wire/Matrix
- were given a random username with Threema/Session
YOU ARE NOT! You can be identified by the push tokens.
- used a throwaway number for Signal
- picked a completely random username for Wire/Matrix
- were given a random username with Threema/Session
YOU ARE NOT! You can be identified by the push tokens.
Das Smartphone piept. Diese Benachrichtigungen laufen über Push-Dienste, fast immer von den Smartphone-Firmen. So erfahren Behörden, welcher Google/Apple-Account hinter @signal.bsky.social +49-172-9973185 oder Threema-User *MY3DATA steckt. Wir wollen Auskunft. netzpolitik.org/2023/push-di...
Push-Dienste: Behörden fragen Apple und Google nach Nutzern von Messenger-Apps – netzpolitik.org
Smartphone-Apps verschicken Benachrichtigungen über Apple und Google, auch vermeintlich sichere Messenger. Damit können Behörden Nutzer-Daten bei Smartphone-Firmen abfragen. Bis jetzt verweigern al...
netzpolitik.org
December 7, 2023 at 9:48 AM
Let's make this crystal clear: If you think you are anonymous because you
- used a throwaway number for Signal
- picked a completely random username for Wire/Matrix
- were given a random username with Threema/Session
YOU ARE NOT! You can be identified by the push tokens.
- used a throwaway number for Signal
- picked a completely random username for Wire/Matrix
- were given a random username with Threema/Session
YOU ARE NOT! You can be identified by the push tokens.
Reposted by Phoenix R&D
This has been bothering me for a while and I'm glad there's finally more discussion about this. Push notifications are a problem for privacy, we need more transparency and changes in the way they work.
netzpolitik.org/2023/push-di...
netzpolitik.org/2023/push-di...
Push-Dienste: Behörden fragen Apple und Google nach Nutzern von Messenger-Apps – netzpolitik.org
Smartphone-Apps verschicken Benachrichtigungen über Apple und Google, auch vermeintlich sichere Messenger. Damit können Behörden Nutzer-Daten bei Smartphone-Firmen abfragen. Bis jetzt verweigern al...
netzpolitik.org
December 6, 2023 at 7:08 PM
This has been bothering me for a while and I'm glad there's finally more discussion about this. Push notifications are a problem for privacy, we need more transparency and changes in the way they work.
netzpolitik.org/2023/push-di...
netzpolitik.org/2023/push-di...
Numerous cryptography experts analyzed the Messaging Layer Security protocol. Théophile Wallez presented at the USENIX Security '23 conference the contributions of Jonathan Protzenko, Benjamin Beurdouche, Karthikeyan Bhargavan, and himself and why it is not a good idea to roll your own crypto.
USENIX Security '23 - TreeSync: Authenticated Group Management for Messaging Layer Security
USENIX Security '23 - TreeSync: Authenticated Group Management for Messaging Layer SecurityThéophile Wallez, Inria Paris; Jonathan Protzenko, Microsoft Resea...
youtu.be
December 6, 2023 at 8:54 AM
Numerous cryptography experts analyzed the Messaging Layer Security protocol. Théophile Wallez presented at the USENIX Security '23 conference the contributions of Jonathan Protzenko, Benjamin Beurdouche, Karthikeyan Bhargavan, and himself and why it is not a good idea to roll your own crypto.
After #chatcontrol, lawmakers are now trying to mandate government-controlled certificates in browsers. Along with 400 experts and researchers from around the world, our Head of Research Konrad Kohbrok has signed an open letter to abandon the #eIDAS plans.
eidas-open-letter.org
eidas-open-letter.org
November 3, 2023 at 3:33 PM
After #chatcontrol, lawmakers are now trying to mandate government-controlled certificates in browsers. Along with 400 experts and researchers from around the world, our Head of Research Konrad Kohbrok has signed an open letter to abandon the #eIDAS plans.
eidas-open-letter.org
eidas-open-letter.org
@raphaelrobert.bsky.social hat im Chaosradio mit Constanze Kurz von @netzpolitik.org und Elisa darüber gesprochen, welche dicken Bretter er mit anderen bei der IETF gebohrt hat und wie er Ende-zu-Ende-Verschlüsselung für alle zugänglich machen möchte.
Hört rein 🎧
Hört rein 🎧
Messaging und Gruppen-Chats: Wie die IETF Sicherheit für Milliarden Menschen schafft – netzpoliti...
Wie können Gruppen-Chats massentauglich sein und zugleich höchsten Sicherheitseigenschaften genügen? Wie lässt sich technisch absichern, dass niemand Drittes mitlesen kann? Darüber sprechen wir m...
netzpolitik.org
October 31, 2023 at 2:06 PM
@raphaelrobert.bsky.social hat im Chaosradio mit Constanze Kurz von @netzpolitik.org und Elisa darüber gesprochen, welche dicken Bretter er mit anderen bei der IETF gebohrt hat und wie er Ende-zu-Ende-Verschlüsselung für alle zugänglich machen möchte.
Hört rein 🎧
Hört rein 🎧