Now, the Zoom is rolling out end-to-end encryptions for all users globally, except iOS app.
Zoom is the leader in modern enterprise video communications, with an easy, reliable cloud platform for video and audio conferencing, chat, and webinars, and now it continuously working to secure their software after facing many privacy concerns.
Zoom announced its new end-to-end encryption (E2EE) is now available to users globally, free and paid, for meetings with up to 200 participants. This feature is available immediately as a technical preview, meaning that the company is proactively soliciting feedback from users for the next 30 days.
Starting today, E2EE is available on Zoom desktop client version 5.4.0 for Mac and PC, the Zoom Android app, and Zoom Rooms, with the Zoom iOS app pending Apple App Store approval.
Zoom’s E2EE uses the same powerful 256-bit AES-GCM encryption that secures Zoom meetings by default. When users enable E2EE for their meetings, nobody except each participant — not even Zoom’s meeting servers — has access to the encryption keys that are used to encrypt the meeting.
“We’re very proud to bring Zoom’s new end-to-end encryption to Zoom users globally today,” said Zoom CISO Jason Lee. “This has been a highly requested feature from our customers, and we’re excited to make this a reality. Kudos to our encryption team who joined us from Keybase in May and developed this impressive security feature within just six months.”
With Zoom’s new E2EE, the meeting’s host generates encryption keys and uses public key cryptography to distribute these keys to the other meeting participants. Zoom’s servers become oblivious relays and never see the encryption keys required to decrypt the meeting contents. Encrypted data relayed through Zoom’s servers is indecipherable by Zoom, since Zoom’s servers do not have the necessary decryption key.
Account admins can enable this E2EE feature in their web dashboard at the account, group, and user level. It can also be locked at the account or group level. If enabled, the host can toggle on and off E2EE for any given meeting depending on the level of security and level of functionality they would like. In phase one, meeting participants must join from the Zoom desktop client, mobile app, or Zoom Rooms for E2EE-enabled meetings.
Previously Zoom Hacks
- Hackers Selling Zoom Zero-Day And 500,000 User Credentials On Dark Web
- Zoom Video Conferencing Software Vulnerable To Hackers