You are here: Administration > Reference > Encryption methodologies

Encryption methodologies

Pexip nodes

The backplane (the link between the Management Node and a Conferencing Node, or between two Conferencing Nodes) uses an IPsec transport with the following settings:

  • 256-bit AES-CBC for encryption
  • SHA 512 hashing for integrity checking
  • a 4096 bit Diffie-Hellman modulus for key exchange.

No other ciphers, hashes or moduli are permitted.

These settings apply to both the initial channel set up for key exchange (ISAKMP) and the secondary channel over which application data is transported (ESP).


Encrypted connections between Pexip Infinity and endpoints use:

Infinity Connect (web/desktop/mobile) clients use:

  • HTTPS TLS for signaling
  • DTLS and SRTMP (encrypted RTMP) for media