Explore the challenges and objectives of implementing end-to-end encryption (E2EE) and user identity in video conferencing platforms through this insightful conference talk from USENIX Enigma 2021. Delve into Zoom's multi-phased approach to E2EE, focusing on strong identity confirmation protocols and minimal server trust. Discover how the team navigated existing architectural constraints, user trust models, and UI/UX expectations while integrating E2EE into a system supporting hundreds of millions of daily participants. Learn about the development of consistent and auditable user identities designed to link users to their accounts, organizations, and devices' long-term keys. Understand the mechanisms employed to reduce reliance on server-side security and the goal of making server compromise detectable by external auditors. Gain valuable insights into the evolving landscape of secure communication in a remote-first world and the importance of balancing encryption with user-friendly identity verification.
Building End-to-End Encryption and User Identity for Video Conferencing - Zoom's Approach
USENIX Enigma Conference via YouTube
Overview
Syllabus
USENIX Enigma 2021 - Building E2EE and User Identity
Taught by
USENIX Enigma Conference