Zoom has acquired Keybase to enable the real E2EE for paid accounts

Thanks to acquiring Keybase.io,

Zoom will offer an end-to-end encrypted meeting mode to all paid accounts. Logged-in users will generate public cryptographic identities that are stored in a repository on Zoom’s network and can be used to establish trust relationships between meeting attendees. An ephemeral per-meeting symmetric key will be generated by the meeting host. This key will be distributed between clients, enveloped with the asymmetric keypairs and rotated when there are significant changes to the list of attendees. The cryptographic secrets will be under the control of the host, and the host’s client software will decide what devices are allowed to receive meeting keys, and thereby join the meeting. We are also investigating mechanisms that would allow enterprise users to provide additional levels of authentication.

I have used Keybase.io since its launch until a couple of months ago. They first started as public key database and later released a PGP based team chat application, which has been their main focus lately. I do not see how Keybase would be integrated with Zoom yet, still I am pretty sure that Keybase would provide Zoom a great insight for the real E2EE implementation.

1 Like