Zoom Video Communications, Inc. (NASDAQ: ZM) has announced the global availability of post-quantum end-to-end encryption (E2EE) for Zoom Workplace, particularly for Zoom Meetings. This groundbreaking security feature will soon extend to Zoom Phone and Zoom Rooms, making Zoom the first UCaaS company to offer a post-quantum E2EE solution for video conferencing.
Zoom bolsters security offering with the inclusion of post-quantum end-to-end encryption in Zoom Workplace
Addressing Advanced Security Threats
As cyber threats become increasingly sophisticated, the need to safeguard user data has never been more critical. Attackers may capture encrypted network traffic today with the intention to decrypt it later when quantum computers become more advanced—a scenario known as “harvest now, decrypt later.” Anticipating this future threat, Zoom has proactively upgraded its encryption algorithms to withstand potential quantum computing attacks.
Michael Adams, Chief Information Security Officer at Zoom, emphasized the importance of this enhancement:
“Since we launched end-to-end encryption for Zoom Meetings in 2020 and Zoom Phone in 2022, we have seen customers increasingly use the feature, which demonstrates how important it is for us to offer our customers a secure platform that meets their unique needs. With the launch of post-quantum E2EE, we are doubling down on security and providing leading-edge features for users to help protect their data. At Zoom, we continuously adapt as the security threat landscape evolves, with the goal of keeping our users protected.”
How Post-Quantum E2EE Works
When users enable E2EE for their meetings, Zoom’s system ensures that only participants have access to the encryption keys needed to decrypt the data. Zoom’s servers do not hold these keys, making any relayed encrypted data indecipherable. To defend against “harvest now, decrypt later” attacks, Zoom’s post-quantum E2EE employs Kyber 768, an algorithm being standardized by the National Institute of Standards and Technology (NIST) as the Module Lattice-based Key Encapsulation Mechanism (ML-KEM) in FIPS 203.
Benefits of Post-Quantum E2EE
- Enhanced Security: Guards against future quantum computing threats.
- User Control: Only meeting participants can access decryption keys.
- Innovative Algorithms: Utilizes Kyber 768, a leading-edge encryption standard.
Availability and Support
Post-quantum E2EE is currently available for Zoom Meetings in Zoom Workplace, with support for Zoom Phone and Zoom Rooms coming soon. For more details on supported versions and platforms, visit our support article.
