Secure communication platform Wire has overhauled its video conferencing capabilities and now allows more users to simultaneously have fully encrypted video calls.
Beginning today, Wire users will be able to video chat with up to 12 people and voice call with up to 25. While video conferencing rivals Zoom and Webex already offer end-to-end encryption on some plans, Wire’s latest move will provide that high level of security to all its users. Wire now boasts that it offers “the world’s first completely end-to-end encrypted video environment.”
As many companies enter their seventh month of employees working from home, the demand for video conferencing services has not had any let up. That has led to something of an arms race as Microsoft, Zoom and a variety of other services have in recent months announced upgrades and feature tweaks of their own.
Created in 2014 with help from one of Skype’s co-founders, Wire originally introduced video calling in March 2016. However, the high level of encryption it offered led the company to advise against video calls with more than four participants at once.
Wire CEO Morten Brøgger said in a statement that improving video capabilities had been in the works before the pandemic. But the COVID-19 outbreak accelerated efforts to increase capacity for Wire’s users.
“There was a fairly well articulated demand with a lot of our large customers that they would like to see … video conferences and voice conferences with more people, whilst still wanting that very high level of security, where everything is end-to-end encrypted in the call,” said Brøgger. “So we were already working on that, and it may sound super simple but clearly with encryption it’s a little bit more complicated to build such functionality.”
How it works
On a basic level, end-to-end encryption is a method of securing communications in a way that prevents third-parties from accessing the data while it’s transferred from one system or device to another.
On other platforms, where users connect with devices over the internet or via the cloud, the cloud providers — or “man in the middle” companies as Brøgger calls them — can technically access the encryption key and decrypt the communications. With Wire, any communication is encrypted on individual devices, meaning the phone or laptop using Wire’s app will be the only device with the encryption key to access conversations. The company couldn’t intercept and decrypt communications, even if it were asked to do so by a court of law.
“If you have a million dollars and you don’t want anyone to steal it, you go and buy the best safe that money can buy on the market — that’s the encryption algorithm — and you put your million dollars in there,” he said. “There will always be criminals who will make a business case for how much time, how much effort, how much risk is associated with hacking into that safe versus running away [with] the million dollars. In Wire, your million dollars is in $1 notes, and you put those $1 notes in a million different safes.”
At a time when even government officials sometimes meet via video, the company sees that level of security as a plus for companies worried about having conversations on platforms that cannot guarantee security.
Providing end-to-end encrypted video is not without challenges, however. Every time a user sends or receives a message in Wire, the encryption key gets updated, meaning the company is segmenting the user data into the smallest logic payloads — namely, each message.
“If it’s only one person calling another person, then there’s only two encryption keys, one on each side that needs to be synchronised. But clearly, when you have more people on the call, it starts becoming exponentially more difficult,” he said. “For instance, if there were 10 people on a voice call, your device would technically have like nine upstream encryptions and nine downstream encryptions going on at the same time. That’s a lot of processing that requires a lot of capacity [and] that logically puts a limit on the call.”
Other video conferencing platforms and end-to-end encryption
Although end-to-end encryption and video conferencing aren’t mutually exclusive, Brøgger isn’t surprised that not all platforms offer it. “It is difficult because you have to sacrifice features and functionality to make sure the platform is properly secure. It takes more money and more resources to develop it and do it right.”
Though Zoom this year said it would offer end-to-end encryption, other platforms vary. Webex, for example, said it’s available for videoconferences of up to 100 participants, but administrators with paid accounts have to enable it. (Users of the free plan can file a help ticket with Webex to request that E2E encryption be enabled.) Microsoft Teams offers data encryption, though there are debates about whether its implementation is the same as what Wire offers.
“If your collaboration system is integrated into other systems in your organization, and those systems are sharing data, that kind of integration would need to be completely rebuilt,” Brøgger said. “If you’re moving data from one system to another system, and if that data is secret or requires you to be compliant with GDPR, you must make sure that you share them with other systems with the same level of security.”
Brøgger argued that end-to-end encryption is best when built into the foundation of an application, not added later. Otherwise companies would have to rewrite their apps, making it difficult to migrate customers without losing data.
“You would lose all your chat history and all your projects in one system because there’s no physical way to distribute the rotating encryption keys back in time,” he said. “This means that it would be a complete platform migration project for companies that will require a total rewrite of the new application from the bottom up.”
Brøgger said the next step for Wire will be to scale up its platform to provide secure collaboration for larger numbers of users.
Copyright © 2020 IDG Communications, Inc.