This is a read-only archive of the Mumble forums.

This website archives and makes accessible historical state. It receives no updates or corrections. It is provided only to keep the information accessible as-is, under their old address.

For up-to-date information please refer to the Mumble website and its linked documentation and other resources. For support please refer to one of our other community/support channels.

Jump to content

Encryption


nhoglund
 Share

Recommended Posts

I see in Mumble that there is encryption going on for the control channel and for voice? Does that mean that all voice and text messages going through mumble is encrypted?


What are the encryption keys? Are they derived from the certificates? Or, in other words, if I verify the fingerprints on the client and server certificate, can I be certain nobody could eavesdrop on a conversation in Mumble, assuming the server is secure?

Link to comment
Share on other sites

  • Administrators

Hi. Voice as well as control channel are AES encrypted at all times. This also includes text (which is transmitted through the control channel). We do not even allow encryption to be switched off at all :D


The encryption uses session keys which are negotiated while connecting. Server as well as client can use certificates to verify each others identity. If you do so you can be certain, assuming the server is secure and no one has the servers/your private certificate, that nobody can eavesdrop on anything going out and into your client.

Link to comment
Share on other sites

 Share

×
×
  • Create New...