Industry Perspective: How Zoom is building E2EE without compromising user experience

Privacy_Infra()
Andrew Moon
March 10th, 2021 · 2 min read

As the COVID-19 pandemic forced many who could into working from home, Zoom’s user base went from primarily companies with IT support teams on standby to teachers and students, parents, and anyone seeking a way to stay in touch with friends and family.

This spike in consumer usage wasn’t without hiccups. The rise in “zoombombing”, for example, prompted Zoom to enact a 90-day feature freeze to focus the company’s engineering resources on the platform’s privacy and security.

At our February privacy_infra() meetup for privacy engineers, Zoom security engineer Merry Ember Mou gave us a deep dive into one effort resulting from that focus: the technical challenges of building end-to-end encryption (E2EE) into the company’s meeting platform.

Scroll down to watch Merry’s full talk.

Prior to Zoom rolling out E2EE, the encryption available for a Zoom call covered only the path between meeting participants and Zoom’s servers, using a server-managed meeting encryption key. This contrasts with the trust model for end-to-end encryption, which requires that the encryption key be user-generated. Zoom’s privacy commitment set the stage for Mou and their team’s work.

Zoom is taking a phased approach to its end-to-end encryption rollout to optimize for quality along the way. In their talk, Mou explained how Zoom’s end-to-end encrypted meetings rely on a series of key exchanges and verifications. Each Zoom user has a long-term, device-specific key, and for each end-to-end encrypted meeting the user securely posts that key to the server, which allows them to generate and sign an ephemeral, meeting-specific key. The user-specific signed binding gets shared with everyone in the meeting. For users to join meetings securely, the leader of the meeting must compute a Diffie-Hellman shared secret key generated from the leader’s and their own private keys.

When a participant, or the leader, leaves or joins the meeting, the meeting key is automatically rotated to a new random meeting key so that participants can only decrypt the parts of the meeting they were in. How does the leader know when a participant leaves or joins? The leader sends out regular “heartbeats” at least every 10 seconds. A participant will drop out of the meeting if it misses enough “heartbeats” from the leader.
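The rotation and heartbeat behaviour described above can be modelled in a few lines. This is an added example, not Zoom's code and not from the talk: it shows that rotating the key on every join or leave limits each client to the key epochs it was present for. The class names, the `MISSED_LIMIT` value, the leader-side removal of a timed-out client and the direct hand-off of keys (standing in for the Diffie-Hellman protected delivery) are assumptions made for illustration.

```python
import secrets

HEARTBEAT_INTERVAL = 10  # seconds, from the post ("at least every 10 seconds")
MISSED_LIMIT = 3         # assumption: the post only says "enough" heartbeats
class Participant:
    def __init__(self, name):
        self.name = name
        self.keys = {}            # epoch number -> meeting key this client received
        self.last_heartbeat = 0

    def timed_out(self, now):
        # Drop out once MISSED_LIMIT heartbeat intervals pass with no heartbeat.
        return now - self.last_heartbeat >= HEARTBEAT_INTERVAL * MISSED_LIMIT

class Leader:
    def __init__(self):
        self.roster, self.epoch = {}, 0

    def _rotate(self):
        # Fresh random key per membership change, given only to the current roster.
        self.epoch += 1
        key = secrets.token_bytes(32)
        for p in self.roster.values():
            p.keys[self.epoch] = key

    def join(self, p, now):
        p.last_heartbeat = now
        self.roster[p.name] = p
        self._rotate()

    def leave(self, name):
        del self.roster[name]
        self._rotate()

    def tick(self, now, reachable):
        # Deliver a heartbeat to reachable clients, then drop any that timed out.
        for name in self.roster.keys() & reachable:
            self.roster[name].last_heartbeat = now
        for name in [n for n, p in self.roster.items() if p.timed_out(now)]:
            self.leave(name)

def demo():
    leader = Leader()
    alice, bob, carol = (Participant(n) for n in ("alice", "bob", "carol"))
    leader.join(alice, 0)             # epoch 1
    leader.join(bob, 0)               # epoch 2
    for t in (10, 20, 30):            # constructed timeline: bob's link is down
        leader.tick(t, {"alice"})     # bob times out at t=30 -> epoch 3
    leader.join(carol, 40)            # epoch 4
    return {p.name: sorted(p.keys) for p in (alice, bob, carol)}
```

In the constructed timeline, bob ends up holding only the epoch 2 key and carol only the epoch 4 key, so neither can read media from before they joined or after they left.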

At the end of the day, the driving force behind end-to-end encryption and a focus on security for Zoom is the user. To Mou and her team, “Is it secure?” is never a yes or no question. Instead, the answer is much more individualistic from user to user or even meeting to meeting.

“Whomever it might be with the answer also depends on your assumptions and at every stage of our work, how well those assumptions are communicated to and validated by end users.”

Watch Merry’s full talk from Privacy_Infra() to learn more about how Zoom is building end-to-end encrypted meetings without compromise.

The Zoom team has also published a white paper on their E2EE efforts on GitHub.

Note: This post reflects information and opinions shared by speakers at Transcend’s ongoing privacy_infra() event series, which features industry-wide tech talks highlighting new thinking in data privacy engineering every other month. If you’re working on solving universal privacy challenges and interested in speaking about it, submit a proposal here.
