Remaining transparentĪs Zoom continues to take steps to protect users’ privacy and avoid their products being used to cause harm, the company will continue to work with users to enhance the reporting mechanisms available to meeting hosts to report unwanted and disruptive attendees. Encryption keys will be tightly controlled by the host, who will admit attendees. We believe this will provide equivalent or better security than existing consumer end-to-end encrypted messaging platforms, but with the video quality and scale that has made Zoom the choice of over 300 million daily meeting participants, including those at some of the world’s largest enterprises,” he explained. Zoom Rooms and Zoom Phone participants will be able to attend if explicitly allowed by the host.
“These end-to-end encrypted meetings will not support phone bridges, cloud recording, or non-Zoom conference room systems. We are also investigating mechanisms that would allow enterprise users to provide additional levels of authentication.
#In zoom keybase app kept chat software#
The cryptographic secrets will be under the control of the host, and the host’s client software will decide what devices are allowed to receive meeting keys, and thereby join the meeting. This key will be distributed between clients, enveloped with the asymmetric keypairs and rotated when there are significant changes to the list of attendees. An ephemeral per-meeting symmetric key will be generated by the meeting host. Logged-in users will generate public cryptographic identities that are stored in a repository on Zoom’s network and can be used to establish trust relationships between meeting attendees.
Yuan revealed that Zoom will offer an end-to-end encrypted meeting mode to all paid accounts. However, for hosts who seek to prioritise privacy over compatibility, Yuan and his team will create a new solution. However, the encryption keys for each meeting are generated by Zoom’s servers.”Īdditionally, some features that are widely used by Zoom clients, such as support for attendees to call into a phone bridge or use in-room meeting systems offered by other companies, will always require Zoom to keep some encryption keys in the cloud. With the recent Zoom 5.0 release, Zoom clients now support encrypting content using industry-standard AES-GCM with 256-bit keys. It is not decrypted until it reaches the recipients’ devices. “Today, audio and video content flowing between Zoom clients (e.g., Zoom Rooms, laptop computers, and smartphones running the Zoom app) is encrypted at each sending client device. Keybase’s experienced team will be a critical part of this mission,” he said. Our goal is to provide the most privacy possible for every use case, while also balancing the needs of our users and our commitment to preventing harmful behaviour on our platform. “This acquisition marks a key step for Zoom as we attempt to accomplish the creation of a truly private video communications platform that can scale to hundreds of millions of participants, while also having the flexibility to support Zoom’s wide variety of uses. On the Zoom blog, Yuan revealed details of the plans for building the end-to-end encryption offering were revealed. The terms of the transaction were not disclosed. Leaders from Zoom and Keybase will work together to determine the future of the Keybase product. Krohn will lead the Zoom security engineering team, reporting directly to Yuan.
“Our team is passionate about security and privacy, and it is an honour to be able to bring our encryption expertise to a platform used by hundreds of millions of participants a day.”Īs members of Zoom’s security engineering function, the Keybase team of security and encryption engineers will provide important contributions to Zoom’s 90-day plan to proactively identify, address, and enhance the security and privacy capabilities of its platform. “Keybase is thrilled to join Team Zoom,” said Max Krohn, Keybase.io co-founder and developer.
0 kommentar(er)
