 |
Popular social messaging network Discord has announced that it's putting out a new proprietary end-to-end encrypted (E2EE) protocol to protect audio and video chats.
The protocol has been nicknamed DAVE, short for Discord's audio and video end-to-end encryption ("E2EE A/V").
As part of the upgrade made last week, voice and video in DMs, Group DMs, voice channels, and Go Live broadcasts are planned to be moved to utilize DAVE.
That so, it's worth emphasizing that chats on Discord will remain unencrypted and are subject to its content control system.
"When we consider adding new privacy features like E2EE A/V, we do not do so in isolation from safety," Discord noted. "That is why safety is integrated across our product and policies, and why messages on Discord are unencrypted."
"Messages will still be subject to our content moderation approach, allowing us to continue offering additional safety protections."
DAVE is publicly auditable and has been evaluated by Trail of Bits, with the protocol employing WebRTC encoded transforms and Message Layer Security (MLS) for encryption and group key exchange (GKE), respectively.
This enables for media frames, outside of the codec information, to be encrypted after they are encoded and decrypted before being decoded on the receiver side.
 |
"Each frame is encrypted or decrypted with a per-sender symmetric key," Discord added. "This key is known to all participants of the audio and video session but crucially is unknown to any outsider who is not a member of the call, including Discord."
The usage of MLS, on the other hand, makes it feasible for users to join or leave a voice or video session on Discord in such a way that neither new participants can decrypt media transmitted before they joined nor exiting members can decrypt any media sent in the future.
"Discord's existing transport encryption for audio and video between the client and our selective forwarding unit (SFU) is retained, ensuring only audio and video from authenticated call participants is forwarded," it added.
"While the SFU still processes all packets for the call, audio or video data inside each packet is end-to-end encrypted and undecryptable by the SFU."
The revelation comes days after the GSM Association (GSMA), the regulatory organization that supervises the development of the Rich Communications Services (RCS) protocol, revealed it's working towards integrating E2EE to encrypt data transferred across the Android and iOS ecosystems.