Zoom has announced they have rolled out a new end-to-end encryption offering. The solution will be available as a technical preview, meaning they will be soliciting feedback from users for the first 30 days.
In an E2EE meeting, users can host up to 200 participants, providing increased privacy and security for Zoom sessions. According to Max Krohn, Head of Security Engineering at Zoom, E2EE uses the same GCM encryption you get now in a Zoom meeting. The only difference is where those encryption keys live.
"In typical meetings, Zoom’s cloud generates encryption keys and distributes them to meeting participants using Zoom apps as they join. With Zoom’s E2EE, the meeting’s host generates encryption keys and uses public key cryptography to distribute these keys to the other meeting participants. Zoom’s servers become oblivious relays and never see the encryption keys required to decrypt the meeting contents," says Krohn.
Jack Mannino, CEO at nVisium, a Falls Church, Virginia-based application security provider, notes, “While this is still limited across the features it's enabled for, this signifies a noteworthy step in the right direction with regards to ensuring user security and privacy on the platform. Distributing keys to the clients and decentralizing trust provides users with increased assurance that their communications are less likely to be seized through compromised keys or infrastructure.”