cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Jabber Guest for iOS - encryption

wsurala01
Beginner
Beginner

Hi All,

I am developing iOS application with JabberGuest SDK and I need the calls to be absolutely secure and encrypted. Therefore, I have to questions:

1. Are the connections with proper server encrypted by default? If no, what steps should I take to encrypt it?

2. If there is a possibility to encrypt a connection, what technology is used for the encryption? During the app submission process I'll need to list that.

I will be grateful for any informative assistance, I have already searched through the DevNet.

1 ACCEPTED SOLUTION

Accepted Solutions

jocreed
Cisco Employee
Cisco Employee

The https traffic between mobile client and server, the browser and server negotiates the TLS version/encryption. As of Expressway 8.5, SSL3.0 is disabled by default, TLS 1.2 or above should be negotiated.

For the media, the JG server can be configured to enable/disable SRTP. If enabled, it uses AES_CM_128_HMAC_SHA1_32, which is a 128 bit key with authentication tag of 32 bits.

View solution in original post

2 REPLIES 2

jocreed
Cisco Employee
Cisco Employee

Let me see if i can find out for sure how encryption with the guest SDK is implemented. 

Although, I would imagine if you are successfully connecting to a CUP server the default connection from that server would be a TLS encrypted connection unless you specifically turned off the encryption in the settings.  If you are using it to connect to a different kind of Jabber/XMPP server I would imagine it would also require an encrypted connection by default, but you would have to check the documentation of the third party jabber/XMPP server.

I will let you know about the specifics of the the Jabber SDK for iOS as soon as I find out something.

jocreed
Cisco Employee
Cisco Employee

The https traffic between mobile client and server, the browser and server negotiates the TLS version/encryption. As of Expressway 8.5, SSL3.0 is disabled by default, TLS 1.2 or above should be negotiated.

For the media, the JG server can be configured to enable/disable SRTP. If enabled, it uses AES_CM_128_HMAC_SHA1_32, which is a 128 bit key with authentication tag of 32 bits.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: