As promised when the company acquired Keybase, Zoom released its draft cryptographic design for end-to-end encrypted video communications on May 22 for public review. The release of the white paper was announced by Max Krohn, the co-founder of Keybase, a key directory that maps social media identities to encryption keys and offers end-to-end encrypted chat (Keybase Chat) and cloud storage system (Keybase Filesystem). It is not clear when this public consultation, with feedback from Zoom clients, cryptography experts, and civil society, will end. A version of Zoom's meeting encryption protocol is set for release on May 30, but it is not clear if this will be the end-to-end encryption protocol. We have reached out to the company for more information. All of this is a part of Zoom’s 90-day plan (announced on April 1) to improve its security after it had numerous lapses, Zoombombing the most notable amongst them. Under the 90 day plan, it first announced a six month feature update freeze, following which it created a Chief Information Security Officers Council (CISO Council) with CISOs from HSBC, NTT Data, etc. A subset of this council, with security experts from Netflix, VMware and Uber, will personally advise Zoom CEO Eric S. It had also hired cybersecurity expert and Facebook’s former chief security officer Alex Stamos of Stanford University as an external advisor. What is end-to-end encryption? It is a way of encrypting your communications so that except for the sender and the receiver(s), nobody will be able to access your communication.…
