6. Encrypt Mail

Zoom Mail Service is a Zoom-hosted product that allows users to send and receive emails. In this section, we describe the cryptographic design behind Zoom Mail Service, and how it supports end-to-end encryption where possible. In particular, given the lack of a modern and widely adopted end-to-end encrypted email standard,8 and the desire to leverage the strong identity properties and the multi-device key management architecture described in the rest of this document, we only offer end-to-end encryption for emails sent between two Zoom Mail Service users (who have provisioned their clients to generate the required keys). Emails from external providers are encrypted at rest with client-controlled per-user keys as soon as possible after they are received, and the server deletes any unencrypted copy of emails to external providers after they are successfully processed. Whether emails between active Zoom Mail Service users are end-to-end encrypted or not depends on a variety of factors, such as whether the sender and receiver have already generated encryption keys, whether they are running the latest Zoom client version, as well as the configuration of user or account level settings. The user interface will always indicate whether the email a user is about to send will be end-to-end encrypted or not. Zoom Mail Client also supports external email providers, but here we only analyze the security of the product when leveraging our own Zoom Mail Service. Note: Implementing end-to-end encryption in Zoom Mail Service is an ongoing process, and not all planned features and functionality in our design will be available as of version 5.12.8. This section describes the overall plan for the cryptographic design of Zoom Mail Service and identifies limitations that remain as of the current release.