In a previous post, we had discussed on the security issues and privacy concerns posed by the use of teleconferencing app Zoom. Following an unexpected surge in the number of daily users amid the lockdown occasioned by the coronavirus, users of the zoom app started experiencing serious breach in privacy and security. A backlash and series of complaints ensued. This unfortunate incident didn’t go unnoticed or unattended to by the management of zoom. They had a reputation to uphold and a business to save with the fact that the niche is a competitive one.
On the 1st of April 2020 CEO Eric Yuan announced a 90-day plan to fix the many security issues after admitting that the company had failed in setting up efficient security measures to protect users’ data and meetings. This saw a series of changes effected by the company including hiring former Facebook security chief Alex Stamos as a consultant to help improve zoom’s security.
On the 7th of May 2020 Eric Yuan announced the acquisition of Keybase – an encryption startup company in a bold move to strengthen Zoom’s security. In his words, “We are excited to integrate Keybase’s team into the Zoom family to help us build end-to-end encryption that can reach current Zoom scalability.”
In same vein, the Keybase team also announced the acquisition, stating specifically that the purpose of the buy-out was to improve Zoom’s security. What however remains unknown is how much of Keybase independent operations prior to the purchase would be affected.
Keybase before Zoom
Prior to the acquisition, Keybase was and still is an end-to-end encryption service provider. Basically, it enables users to send encrypted messages across supported platforms, store files securely and also help establish identity using the crypto technology. Keybase also maintains access to public encryption key allowing exchange of messages or files securely.
Implications of the acquisition
Before this acquisition, Zoom was using an older form of encryption – the 128-bit AES key. This encryption standard has been proven to be susceptible to being compromised when compared to present day information security requirement. Subsequently, the Zoom application was updated with a more superior encryption model – AES- GCM with 256-bit keys.
With Keybase coming on board, Zoom can now provide end-to-end encryption to users, this will ultimately secure user data, information and communication. Yuan had disclosed in an earlier post that end-to-end encryption will be integrated into the Zoom system and made available for paying customers soon. The acquisition is important and timely to give users a higher level of security.