Zoom Finally Adds End-to-End Encryption

Posted on October 27, 2020 by Paul Thurrott in Cloud with 10 Comments

The video chat darling of the pandemic has finally added the security feature it claimed it had been using all along: End-to-end encryption.

“We’re very proud to bring Zoom’s new end-to-end encryption to Zoom users globally today,” Zoom CISO Jason Lee said in a prepared statement. “This has been a highly requested feature from our customers, and we’re excited to make this a reality. Kudos to our encryption team who joined us from Keybase in May and developed this impressive security feature within just six months.”

Yes, kudos. Zoom’s end-to-end encryption (E2EE) is only available in a technology preview at this time, but it is at least available to users globally for free in meetings up to 200 users (and to paid users in whatever configurations).

According to Zoom, this new feature uses 256-bit AES-GCM encryption identical to that which Zoom meetings already use by default. But when E2EE is enabled, only participants—and not Zoom or its meeting servers—have access to the encryption keys that are used to encrypt the meeting. Now, the meeting’s host generates encryption keys and uses public key cryptography to distribute these keys to the other meeting participants, Zoom says, and Zoom’s servers become “oblivious relays” and never see the encryption keys required to decrypt the meeting contents.

What Zoom doesn’t say, according to Fortune, is that enabling E2EE disables several Zoom features, including recording meetings to the cloud, live emoji reactions, the ability for participants to join a call before the host, streaming meetings to outside viewers, live transcription, polls, one-on-one private chats, and breakout rooms.

Zoom says it will test the feature publicly for 30 days before releasing it generally, and it is soliciting feedback from users so that it can improve as needed.

Tagged with

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register
Comments (11)

11 responses to “Zoom Finally Adds End-to-End Encryption”

  1. youngd

    This is a good thing. I'm curious how this compares with the encryption used in Teams? Does Teams also support E2EE?



    • thalter

      In reply to youngd:

      Teams is not true E2EE. Your traffic gets decrypted and re-encrypted at several points, to facilitate DLP and other cloud-based functionality.


      True E2E encryption means that your data is encrypted by you (using your key) and decrypted by your peer, using a key not shared with anyone else. This means your data cannot be viewed by anyone else, so by definition this means that cloud-based functionality (like cloud recording) will no longer work, as the cloud provider can no longer read your data. This is a feature of E2EE, not a bug.

  2. RonV42

    Good to hear...have been waiting for this since the mandate to work from home this year.

  3. angusmatheson

    I do not understand how Microsoft bought the premier video chatting platform - Skype. And then let it flounder so that when the pandemic came zoom and FaceTime took over the mindshare. There was a time when all video chatting was Skype. I get that moving old technology to new platforms is hard. I get the Microsoft is doing great with the pandemic. And I get that teams works great for video chatting. What I think makes me sad is that every little company that makes something great is bought by a big company is simply left. Be it Siri by apple. Danger (sidekick), Nokia, and Skype by Microsoft. Nest by google. WebOS by HP. The big companies seem unable to keep alive what was special and innovative. So I am sad that the pandemic wasn’t the age of Skype - who made us all aware of how amazing and magical video chatting was. Truly an amazing transformation that we have seen come into its own with the pandemic.

    • sammyg

      In reply to Angusmatheson:

      There was a time before Facetime, that Skype was "IT" for video calls. It even had its own phrase "Skype call" as used by many for any kind of video call.


      I personally never liked video calls and most everyone I know does not either. For my circle of friends and family, all iOS users, FaceTime killed Skype in a hurry. Even then I hardly ever use it, and its biggest use was grand parents and grand kids, until one of my kids joined the Marines and now we use it once a week.


      Then this pandemic hit and suddenly at work everyone has to have video for video calls. The regular conference calls, voice only, suddenly stopped working?????? My company purchased A LOT of equipment to make this possible, with upper management insisting everyone that needed a laptop or webcam have one.


      The funny thing now is more and more people are joining both Zoom and Teams calls (we are on O365 big time) and NOT using their camera. The new car smell has worn off the "MUST HAVE VIDEO" and people either do not want to look presentable or like me, want to work on other stuff in these endless meetings and not be seen.


      Microsoft is its usual fashion has jacked stuff up with its crazy lack of communication and direction for its product lines. I have been doing Microsoft IT work for a while now. I setup LCS servers, that then became Lync Servers, that then became Skype for Business servers than are now all being shutdown in favor of Teams. Yet Skype just got an upgrade to allow a bunch of people in one meeting??? And at the same time we have Teams for consumers????


      So many things like this with Microsoft....Windows on ARM (Windows phone, RT, latest version) phone, no phones, DUO??? Apps on Apple hardware getting more updates faster?? OneNote win32 is gone, OneNote 2016 is the last Win32 version, all versions of OneNote are the Universal stuff, from the store....Oh wait never mind, now our O365/Win10 users have two version of OneNote. The Windows 10 version we told them to use and now the revived OneNote 2016 that automatically got installed.


      Anyone confused yet???



  4. randallcorn

    YAY! WE REALLY LOVE ZOOM!!!


    So much suckurity built in from the ground floor. That is why I really trust? Zoom.

Leave a Reply