Zoom’s end-to-end encryption has arrived
Zoom Launches End-to-End Encryption for Free and Paid Users Globally
New Encryption Feature in Technical Preview Offers Increased Privacy and Security for Your Zoom Sessions
Oct. 26, 2020 — Zoom Video Communications, Inc. announced its new end-to-end encryption (E2EE) is now available to users globally, free and paid, for meetings with up to 200 participants. This feature is available immediately as a technical preview, meaning that the company is proactively soliciting feedback from users for the next 30 days. E2EE is available on Zoom desktop client version for Mac and PC, the Zoom Android app, and Zoom Rooms.
Zoom’s E2EE
Uses the same powerful 256-bit AES-GCM encryption that secures Zoom meetings by default. When users enable E2EE for their meetings, nobody except each participant — not even Zoom’s meeting servers — has access to the encryption keys that are used to encrypt the meeting.
In typical meetings, Zoom’s cloud meeting server generates encryption keys for every meeting and distributes them to meeting participants using Zoom clients as they join. With Zoom’s new E2EE, the meeting’s host generates encryption keys and uses public-key cryptography to distribute these keys to the other meeting participants. Zoom’s servers become oblivious relays and never see the encryption keys required to decrypt the meeting contents. Encrypted data relayed through Zoom’s servers is indecipherable by Zoom since Zoom’s servers do not have the necessary decryption key.
Account admins can enable this E2EE feature in their web dashboard at the account, group, and user level. It can also be locked at the account or group level. If enabled, the host can toggle on and off E2EE for any given meeting depending on the level of security and level of functionality they would like. In phase one, meeting participants must join from the Zoom desktop client, mobile app, or Zoom Rooms for E2EE-enabled meetings.
Zoom has previously offered encryption for its calls, but the data was only encrypted between each meeting participant and Zoom’s servers, rather than being end-to-end encrypted between participants. Once E2EE is enabled, you can check Zoom is using the more secure kind of encryption using the green shield at the top left of a meeting window. The shield will show a padlock rather than a checkmark if the meeting is encrypted end-to-end.
Hosts & co-hosts can use the in-meeting security icon for quick handling of participants’ access to features, enabling of the waiting room, locking entry, and reporting & removing any unwanted guests.
Read more about technology and featured security news on our blog
