Zoom Adopts NIST-Approved Post-Quantum End-to-End Encryption for Meetings

Zoom Adopts NIST-Approved Post-Quantum End-to-End Encryption for Meetings

Popular enterprise services provider Zoom has announced the rollout of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with support for Zoom Phone and Zoom Rooms coming in the future.

Zoom’s post-quantum E2EE uses Kyber-768, which aims at security roughly equivalent to AES-192. Kyber was chosen by the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) in July 2022 as the quantum-resistant cryptographic algorithm for general encryption.

However, for post-quantum E2EE to be enabled by default, it requires all meeting participants to be on Zoom desktop or mobile app version 6.0.10 or higher. In the event some of the participants don’t meet this minimum version requirement, standard E2EE will be used.

Post-quantum cryptography is designed to thwart such risks, prompting several companies such as Amazon Web Services (AWS), AppleCloudflare, Google, HPSignal, and Tuta to integrate the new standard into their products.

Earlier this February, the Linux Foundation announced the launch of a Post-Quantum Cryptography Alliance (PQCA) that seeks to address cryptographic security challenges posed by quantum computing.

While quantum computers strong enough to break cryptography are currently only theoretical, government-backed efforts are already underway to help organizations transition to quantum-resistant cryptography.

“For organizations that support critical infrastructures or are depended upon by large sections of society, the need to migrate is particularly urgent,” HP Wolf Security noted earlier this year.


Source: https://thehackernews.com/