Discord, the popular social messaging platform, has recently announced the introduction of a new custom end-to-end encrypted (E2EE) protocol called DAVE (Discord’s audio and video end-to-end encryption). This protocol aims to enhance security for audio and video calls within the platform.
With the implementation of DAVE, voice and video in various features such as DMs, Group DMs, voice channels, and Go Live streams will be transitioned to use end-to-end encryption. This means that the audio and video data exchanged during these interactions will be protected from unauthorized access.
It is important to note, however, that while Discord is taking steps to secure voice and video content, their messaging system will remain unencrypted and subject to their content moderation approach. This decision is based on the company’s commitment to ensuring safety on the platform and allowing them to continue offering additional safety protections.
DAVE is designed to be publicly auditable and has undergone a review by Trail of Bits, a respected security company. The protocol utilizes WebRTC encoded transforms and Message Layer Security (MLS) for encryption and group key exchange (GKE), respectively. By leveraging these technologies, DAVE enables the encryption of media frames after they are encoded and decryption before they are decoded on the receiving end.
One of the key aspects of DAVE’s design is the use of per-sender symmetric keys for each frame of audio and video data. These keys are known to all participants of the call but remain unknown to any outsider who is not a member of the call, including Discord itself. This ensures that only authenticated call participants can decrypt and access the encrypted media frames.
Additionally, the adoption of MLS allows for seamless joining and leaving of voice or video sessions without compromising the security of the communication. New participants cannot decrypt media sent before they joined, and leaving members cannot decrypt any media sent in the future. This mechanism adds an extra layer of protection to the end-to-end encryption implemented by DAVE.
It’s worth mentioning that while the audio and video data exchanged during calls are end-to-end encrypted, Discord’s existing transport encryption for audio and video between the client and the selective forwarding unit (SFU) is still retained. This ensures that only audio and video data from authenticated call participants is forwarded by the SFU. Although the SFU processes all packets for the call, it cannot decrypt the encrypted audio and video data inside each packet.
This move by Discord to introduce end-to-end encryption for audio and video calls reflects the growing importance of privacy and security in communication platforms. With the recent efforts of the GSMA to implement end-to-end encryption for messages sent between Android and iOS ecosystems, it is clear that the industry is recognizing the need for robust security measures to protect user data.
By adopting a publicly auditable encryption protocol like DAVE, Discord demonstrates its commitment to transparency and accountability. The review conducted by Trail of Bits adds an extra layer of assurance that the encryption implementation is sound and capable of protecting user privacy.
Overall, the introduction of DAVE by Discord is a significant step towards enhancing the privacy and security of audio and video calls on the platform. With the continued focus on safety and content moderation, Discord aims to strike a balance between enabling privacy features and maintaining a safe and inclusive environment for its users. The adoption of end-to-end encryption protocols like DAVE and the ongoing industry-wide efforts to strengthen security reflect the evolving landscape of communication platforms and the increasing demand for privacy-centric solutions.
Source link
