Airmeet uses HTTPS and WSS (SSL/TLS) protocols for all client-server communications.
Protocol: TLS 1.2 and above
Key Exchange using ECDHE_RSA with P-256
Data Protection & Encryption
Airmeet will never store user passwords in plain text.
All data is encrypted at rest with AES 256 standard. Encryption keys are managed using FIPS 140-2 compliant Hardware Security Modules.
Airmeet uses the WebRTC standard for audio/video communication. All data transmitted via WebRTC are mandatorily encrypted in transit using standard AES (Advanced Encryption Standard) encryption, the default cipher via SRTP (Secure Real-Time Transport Protocol). SRTP is the security extension for network protocol designed for multimedia telephony and DTLS (Datagram Transport Layer Security), which provides a secure communication protocol to prevent eavesdropping, modification, replaying, and other such security attacks on datagrams.
In addition to the above, Media streams are encrypted using aes-128-xts mode. [aes-256-xts, aes-128-ecb can also be supported based on configuration]