Popular social messaging platform Discord has recently revealed the implementation of its bespoke end-to-end encryption (E2EE) protocol to secure both audio and video communications.
This novel protocol, aptly named DAVE, serves as the cornerstone of Discord’s encrypted audio and video communication system, standing for Discord’s Audio-Visual End-to-End Encryption (E2EE A/V).
As of last week’s update, all voice and video transmissions within direct messages (DMs), group DMs, voice channels, and even live-streamed sessions known as Go Live are set to transition to the DAVE protocol.
However, it’s critical to note that text-based messages within Discord will continue to remain outside the bounds of encryption and will still be governed by the platform’s content moderation framework.
“When integrating advanced privacy mechanisms such as E2EE A/V, we take into account both privacy and safety in tandem,” Discord remarked. “This is why we maintain an embedded safety protocol across our services and policies, leaving text-based communication unencrypted.”
“Messages will continue to undergo our moderation process, enabling us to offer heightened safety layers,” the company added.
DAVE stands as a publicly auditable framework, having undergone scrutiny from Trail of Bits. It leverages cutting-edge WebRTC encoded transforms and the Message Layer Security (MLS) protocol for both encryption and group key management, respectively.
The architecture of this protocol ensures that media frames—excluding the codec metadata—are encrypted post-encoding and decrypted prior to decoding on the recipient’s device.
“Each frame is sealed or unveiled with a symmetric key unique to each sender,” Discord clarified. “This key is shared solely among the participants of a given audio-visual session, and importantly, it remains hidden from any external entity, including Discord itself, if not part of the call.”
In contrast, the MLS protocol enhances security by allowing seamless entry or exit from audio/video sessions on Discord, such that newly added members cannot access past media, while departing users are similarly unable to access future content.
“Discord’s existing transport encryption between the user’s device and our selective forwarding unit (SFU) remains intact, ensuring that only authenticated participants’ audio and video streams are relayed,” the company stated.
“While the SFU manages packet delivery for the call, the content of these packets—whether audio or video—remains end-to-end encrypted, preventing the SFU from decrypting the data.”
This development arrives on the heels of an announcement by the GSM Association (GSMA), which oversees the development of the Rich Communications Services (RCS) protocol. The GSMA has expressed its intention to integrate E2EE into messaging systems bridging the Android and iOS ecosystems.
