Zoom offers end-to-end post-quantum encryption to enhance security

Zoom Video Communications, Inc. announced About the global availability of end-to-end post-quantum encryption (E2EE) for Zoom Workplace, starting with Zoom Meetings. This launch makes Zoom the first Unified Communications as a Service (UCaaS) provider to offer such a cutting-edge security feature. Zoom Phone and Zoom Rooms will receive this as well Enhance security almost.
Addressing advanced threats
As cyber threats become more complex, the need for strong data protection is greater than ever. Adversaries can capture encrypted data now, and plan to decrypt it later when quantum computing advances. The “harvest now, decrypt later” scenario poses a significant risk, even though powerful quantum computers are not yet widely available. By implementing post-quantum E2EE, Zoom is proactively upgrading its security to withstand future threats.
Michael Adams, Zoom’s chief information security officer, stressed the importance of this new feature. “Since we launched end-to-end encryption for Zoom Meetings in 2020 and Zoom Phone in 2022, we’ve seen customers increasingly use this feature, demonstrating how important it is that we offer our customers a secure platform that meets their unique needs. “With the launch of post-quantum E2EE, we are doubling down on security and providing groundbreaking features for users to help protect their data,” said Adams. At Zoom, we’re constantly adapting to the evolving security threat landscape, with the goal of keeping our users protected.
How post-quantum E2EE works
When users enable E2EE for their meetings, Zoom ensures that only participants have access to the encryption keys. This applies to both standard and post-quantum E2EE. Because Zoom’s servers do not have decryption keys, any encrypted data transmitted through them remains secure and indecipherable.
To protect against “harvest now, decrypt later” attacks, Zoom’s post-quantum E2EE uses the Kyber 768 algorithm. This algorithm is standardized by the National Institute of Standards and Technology (NIST) as the Network-Based Key Encapsulation Mechanism (ML-KEM) in FIPS 203.
This latest development reflects Zoom’s ongoing commitment to enhancing data security for its users. By adopting post-quantum E2EE, Zoom sets a new standard in the UCaaS industry, ensuring user data remains protected against future quantum threats.
Availability
Post-quantum end-to-end encryption for Zoom meetings is now available and will be rolling out soon to Zoom Phone and Zoom Rooms.
Image: Envato