Zoom E2EE uses the same 256-bit AES-GCM encryption that secures Zoom meetings by default

0
83
Zoom
Zoom will roll out end-to-end encryption for all users

Zoom will roll out end-to-end encryption for all users.

Zoom E2EE uses the same 256-bit AES-GCM encryption that secures Zoom meetings by default

When users allow E2EE for their meetings, no one but each member has access to the encryption keys that are used to encrypt the meeting.

Zoom Video Communications has confirmed that the latest end-to-end encryption (E2EE) is now open to users worldwide, free and charged for meetings with up to 200 members. This feature is instantly available as a technological preview. This suggests that the company will proactively invite feedback from customers during the next 30 days. Beginning today, E2EE is available for Mac and PC on the Zoom desktop client version 5.4.0, the Zoom Android app, and the Zoom Rooms, with the Zoom iOS app awaiting clearance from the Apple App Store.

Zoom E2EE uses the same 256-bit AES-GCM encryption that secures Zoom meetings by default. As users allow E2EE for their meetings, no one but each participant — not even Zoom ‘s meeting servers — has access to the encryption keys used to encrypt the meeting.

Account administrators can allow this E2EE functionality on their web dashboard at account, community and user level. It may also be locked at the level of an account or a group. If allowed, the host will turn on and off E2EE for any given meeting based on the level of protection and the level of features they want. In step one, participants must enter the Zoom Desktop Client, the Smartphone Application, or the Zoom Rooms for E2EE-enabled meetings.

At typical gatherings, the Zoom Cloud Meeting Server creates encryption keys for each meeting and distributes them to the members using the Zoom Users as they participate. With Zoom ‘s latest E2EE, the host of the meeting creates encryption keys and uses public key cryptography to distribute these keys to other participants of the conference meeting. Zoom servers become clear relays and never see the encryption keys needed to decrypt the contents of the meeting. Encrypted data relayed through Zoom ‘s servers is indecipherable to Zoom, as Zoom ‘s servers do not have the required decryption key.

“We’re really proud to introduce Zoom ‘s latest end-to – end encryption to Zoom users worldwide today,” said Zoom CISO Jason Lee. “This has been a strongly sought-after feature from our clients, and we’re happy to make it a reality. Kudos to our encryption team who joined us from Keybase in May and created this amazing safety feature in just 6 months.” As a technological preview, Zoom hopes to gain feedback from consumers on their experience with E2EE. The company requested consumers to allow Zoom reviews on their account in order to provide guidance. When activated, customers can send input directly to the Zoom client by navigating to their “Setup” and selecting