Zoom adds post-quantum end-to-end encryption to video meetings
Zoom has announced the global availability of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with Zoom Phone and Zoom Rooms to follow soon.
Meetings is a popular video conferencing service that allows users to host and join virtual meetings with high-definition video and audio, featuring screen sharing, chat, and participant management, making it a popular choice for businesses, virtual events, and online classes.
Today, Zoom has announced the introduction of the Kyber768 quantum-resistant encryption to its already encrypted end-to-end communications, which makes all data traveling between its servers and clients undecipherable even by advanced quantum computers.
"When users enable E2EE for their meetings, Zoom's system is designed to provide only the participants with access to the encryption keys that are used to encrypt the meeting; this is the behavior for both post-quantum E2EE and standard E2EE," reads Zoom's announcement.
"Because Zoom's servers do not have the necessary decryption key, encrypted data relayed through Zoom's servers is indecipherable."
Although such systems are still in their infancy, the sector is progressing steadily, and experts believe it's only a matter of time before powerful enough quantum computers render all conventional encryption schemes obsolete.
The risk of staying behind lies in the so-called "harvest now, decrypt later" attacks that involve bad actors intercepting and storing encrypted data of important communications today in the hopes of being able to decrypt it in the future when more powerful computers are available.
Zoom says the introduction of quantum-resistant algorithms today addresses this risk, inspiring confidence in users that they can continue using the software without compromising security.
This is the same proactive approach that several other communication platforms have taken recently, including Signal, Apple iMessage, Tuta Mail, and even Google Chrome, all utilizing the same NIST-recommended Kyber key encapsulation algorithm.
Zoom was heavily criticized in the past for its lack of end-to-end encryption while it enjoyed a meteoric rise in popularity and deployment in corporate environments during the COVID-19 era when large swaths of the workforce were pushed to work remotely.
The company added E2EE to Meetings in 2020, with Zoom Phone following in 2022. This time, Zoom says it's the first unified communications as a service (UCaaS) provider to offer quantum-resistant video conferencing, showing the company's intention to assume a leading role in the field.
For more information on which versions and platforms of Zoom Workplace support post-quantum E2EE, users can visit this page.
source: BleepingComputer
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024Windows 11 KB5046740 update released with 14 changes and fixes
November 22, 2024APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
November 23, 2024Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
November 23, 2024