Press ReleaseDevice & IoTIdentity & AccessThreat Detection & Defense

Zoom Makes Video Conferencing More Secure with Post-Quantum Encryption

Photo of CSA Editorial CSA Editorial Send an email May 30, 2024
1 minute read

Zoom Video Communications, Inc. announced that post-quantum end-to-end encryption (E2EE) is now globally available for Zoom Workplace, specifically Zoom Meetings, with Zoom Phone and Zoom Rooms coming soon. The launch of the new security enhancement makes Zoom the first UCaaS company to offer a post-quantum E2EE solution for video conferencing.

As adversarial threats become more sophisticated, so does the need to safeguard user data. In certain circumstances, attackers may have the ability to capture encrypted network traffic now, with the intent to decrypt it later when quantum computers become more advanced — a scenario often referred to as “harvest now, decrypt later”.  So, while powerful quantum computers with this capability are not yet generally available, Zoom has taken a proactive stance by upgrading the algorithms designed to be able to withstand these potential future threats.

“Since we launched end-to-end encryption for Zoom Meetings in 2020 and Zoom Phone in 2022, we have seen customers increasingly use the feature, which demonstrates how important it is for us to offer our customers a secure platform that meets their unique needs,”  said Michael Adams, chief information security officer at Zoom. “With the launch of post-quantum E2EE,  we are doubling down on security and providing leading-edge features for users to help protect their data. At Zoom, we continuously adapt as the security threat landscape evolves, with the goal of keeping our users protected.”

How post-quantum E2E encryption works
When users enable E2EE for their meetings, Zoom’s system is designed to provide only the participants with access to the encryption keys that are used to encrypt the meeting; this is the behaviour for both post-quantum E2EE and standard E2EE. Because Zoom’s servers do not have the necessary decryption key, encrypted data relayed through Zoom’s servers is indecipherable. In addition, to defend against “harvest now, decrypt later” attacks, Zoom’s post-quantum E2E encryption uses Kyber 768, an algorithm being standardised by the National Institute of Standards and Technology (NIST) as the Module Lattice-based Key Encapsulation Mechanism, or ML-KEM, in FIPS 203.

Visit our support article to understand which versions and platforms of Zoom Workplace support using post-quantum E2EE.

Tags
Photo of CSA Editorial CSA Editorial Send an email May 30, 2024
1 minute read
Photo of CSA Editorial

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

81% of Malaysians Have Adopted Digital Cards for Convenience and Security, states IDEMIA Secure Transactions Global Study

October 4, 2024

Infoblox Unveils Game-Changing Universal DDI™ Product Suite to Help NetOps, SecOps, and CloudOps Work Better Together

October 4, 2024

The Costs of Cyber Attacks: How One Breach Can Sink Your Business

October 4, 2024

Building Digital Trust in Malaysia: Essential Steps Every Organisation Should Take

October 4, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *

(c) Asia Online Publishing Group 2024 - Media and PR enquiries - editor@aopg.net