The backplane (the link between the Management Node and a Conferencing Node, or between two Conferencing Nodes) uses an IPsec transport with the following settings:
- 256-bit AES-CBC for encryption
- SHA 512 hashing for integrity checking
- a 4096 bit Diffie-Hellman modulus for key exchange.
No other ciphers, hashes or moduli are permitted.
Encrypted connections between Pexip Infinity and endpoints use:
- AES 128-bit encryption for media
- TLS for SIP call control (for more information, see Managing TLS and trusted CA certificates)
- SRTP for SIP media
- H.235 for H.323 media
Infinity Connect (web/desktop/mobile) clients use:
- HTTPS TLS for signaling
- DTLS and SRTMP (encrypted RTMP) for media