Discord, the popular social messaging platform, has announced the rollout of a new custom end-to-end encryption (E2EE) protocol to secure audio and video calls. The protocol, named DAVE—short for Discord's Audio and Video End-to-End Encryption (E2EE A/V)—will protect communication within the platform's voice and video channels.
This update will migrate voice and video in Direct Messages (DMs), Group DMs, voice channels, and Go Live streams to the DAVE protocol. However, it's important to note that Discord messages will remain unencrypted, maintaining the platform's current content moderation policies. Discord explained that while privacy enhancements are being introduced with E2EE for audio and video, safety remains a priority, ensuring that text messages are still subject to moderation to uphold user protections.
Discord emphasized that DAVE has undergone rigorous external review and is publicly auditable. Trail of Bits, a well-known security auditing firm, has assessed the new protocol. DAVE utilizes WebRTC encoded transforms for encryption and Message Layer Security (MLS) for group key exchange (GKE), providing a layered approach to encryption. This design ensures media frames, excluding codec metadata, are encrypted post-encoding and decrypted pre-decoding by the recipient.
End-to-End Encryption for Audio and Video
Each media frame in Discord’s voice and video communications is encrypted using a unique per-sender symmetric key. This key is shared among all participants in the session, ensuring that only the individuals involved in the call can decrypt the media, while outsiders—including Discord itself—remain unable to access the data.
MLS plays a crucial role in ensuring the seamless operation of group calls, enabling users to join or leave a session without compromising encryption. Specifically, new participants cannot decrypt any media shared before their entry, and departing members lose the ability to access future communications. Discord’s existing transport encryption, which secures audio and video data between the client and the platform's selective forwarding unit (SFU), remains in place. The new protocol ensures that while the SFU processes packets during the call, the actual audio and video data inside each packet remains end-to-end encrypted and inaccessible to the SFU.
Discord's Focus on Safety and Privacy
While introducing E2EE for audio and video, Discord reaffirmed its commitment to safety by retaining its moderation capabilities for text messages. The platform emphasized that it integrates both privacy and safety into its features, balancing enhanced security with the need for user protection.
Broader Industry Context
Discord's move toward E2EE comes shortly after the GSM Association (GSMA)—the body overseeing the development of the Rich Communications Services (RCS) protocol—announced plans to implement end-to-end encryption for messages exchanged between Android and iOS devices. This reflects a broader industry trend toward stronger encryption for communications, enhancing privacy across platforms.
In summary, Discord's introduction of the DAVE protocol represents a significant step in securing audio and video calls, while the platform continues to maintain a moderation-first approach for text communications. As messaging platforms across the industry move toward enhanced encryption, Discord's implementation of E2EE in specific features sets a precedent for balancing privacy with safety in digital communication.
