This is a read-only archive of the Mumble forums.

This website archives and makes accessible historical state. It receives no updates or corrections. It is provided only to keep the information accessible as-is, under their old address.

For up-to-date information please refer to the Mumble website and its linked documentation and other resources. For support please refer to one of our other community/support channels.

Jump to content

Encryption

nhoglund

By nhoglund,
in Technical

 Share

Recommended Posts

nhoglund Newbie

nhoglund

Posted
Posted

I see in Mumble that there is encryption going on for the control channel and for voice? Does that mean that all voice and text messages going through mumble is encrypted?


What are the encryption keys? Are they derived from the certificates? Or, in other words, if I verify the fingerprints on the client and server certificate, can I be certain nobody could eavesdrop on a conversation in Mumble, assuming the server is secure?

Link to comment
Share on other sites
  • Administrators
hacst Newbie

hacst

Posted
  • Administrators
Posted

Hi. Voice as well as control channel are AES encrypted at all times. This also includes text (which is transmitted through the control channel). We do not even allow encryption to be switched off at all :D


The encryption uses session keys which are negotiated while connecting. Server as well as client can use certificates to verify each others identity. If you do so you can be certain, assuming the server is secure and no one has the servers/your private certificate, that nobody can eavesdrop on anything going out and into your client.

Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...