Appendix A: End-to-End Encryption

Zoom encrypts communications among participants in a meeting in a sort of tiered way. In its basic cloud-based encryption, available and used for all meetings since early 2021, the service generates a shared session key on a server and transmits it over a secure link to each participant.

Zoom says they don’t store or have direct access to that key. But because they employ the key to make cloud-based recordings and to patch in dial-up callers to meetings, that means that the innards of their system handles and moves it around.

This design makes it possible for Zoom to intercept and decrypt meetings in the right circumstances, and for hackers or government agents to do the same if they broke into Zoom’s servers. ...

Get Take Control of Zoom, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Take Control of Zoom, 3rd Edition by Glenn Fleishman

Appendix A: End-to-End Encryption

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly