Cloud

Zoom prepares to roll out end-to-end encryption in 4 phases


Zoom has confirmed that it will begin rolling out end-to-end encryption (E2EE) next week, starting with a 30-day technical preview to glean feedback from users, which will be followed by an additional three phases ahead of its full launch.

This has been a long time coming, with the video communications giant creating controversy earlier this year after it revealed plans to make E2EE available only to those on a paid plan. Privacy advocates and civil rights groups argued that basic security functionality shouldn’t be a premium feature, forcing Zoom to backtrack and promise the functionality to all users. At the heart of Zoom’s original plan was to negate abuse of its service and deter bad actors from mass-creating “abusive accounts” — as part of its new plan, Zoom said that free users seeking E2EE will instead have to go through a one-time verification process, which may involve having to provide their mobile phone number.

With E2EE, Zoom builds on its existing GCM encryption, except rather than distributing encryption keys through Zoom apps as participants join, the meeting host generates the encryption keys and uses public key cryptography to distribute the keys to each participant. In other words, Zoom has no knowledge or access to the keys needed to decrypt video chat content.

Above: Zoom: End-to-end-encryption is rolling out soon

To start using E2EE next week, users must activate E2EE in their account settings and opt-in to it for each meeting that they are on.

 



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.