Discord has officially rolled out its much-anticipated end-to-end encryption (E2EE) for audio and video calls, aiming to bolster privacy for its 200 million monthly users. Following a year of experimentation, the company introduced the DAVE protocol, an encryption framework designed to secure voice and video communications across its platform.
With the implementation of E2EE, all media shared during calls will be encrypted, and only the participants will have access to the encryption keys. The rollout covers direct messages, group DMs, voice channels, and Go Live Stream.
Discord’s approach to encryption ensures that each call is unique, with distinct encryption keys generated for different users and timeframes. These keys automatically change when participants join or leave a call, preventing outsiders or previous participants from accessing ongoing media.
“E2EE media encryption keys are different for each call, and for each specific group within the call at a point in time. When the participants join or leave a call, keys are changed and members cannot decrypt media that was sent before they joined or after they left,” explained Stephen Birarda, Staff Software Engineer on Audio/Video infrastructure at Discord.
Discord users will also be able to verify other members in these encrypted calls to ensure the security of their communications. While the audio and video communications are protected, Discord clarifies that text messages will continue to follow the platform’s existing content moderation policies, remaining unencrypted.
“While audio and video will be end-to-end encrypted, messages on Discord will continue to follow our content moderation approach and are not end-to-end encrypted,” continued Birarda.
The company has made the DAVE protocol open-source and conducted a security audit with cybersecurity firm Trail of Bits. Discord has outlined five main goals for the DAVE protocol, including creating truly private conversations, offering an open and auditable protocol, ensuring broad platform compatibility, maintaining transparency for users, and delivering scalable performance.
Discord emphasises that the user experience will remain uninterrupted despite the security upgrades. Users won’t need to worry about managing identity keys or selecting primary devices to enjoy E2EE.
A new Privacy tab within calls will show the Voice Privacy Code, allowing users to verify that everyone uses the same encryption. Participants can also opt for persistent identity key pairs, making verifying users across multiple calls easier.
In the News: Binance denies owning or controlling WazirX platform