Is Airmeet Secure? What can you tell me about security and encryption at Airmeet? : Airmeet

Infrastructure
- Airmeet application runs on AWS cloud
- Data of all users currently resides in India
Airmeet uses HTTPS and WSS (SSL/TLS) protocols for all client-server communications
- Protocol: TLS 1.2 and above
- Key Exchange using ECDHE_RSA with P-256
- Cipher: AES_128_GCM
User passwords are never stored in plain text
Audio/Video communication happens over WSS (SSL/TLS)
- Airmeet uses the WebRTC standard for audio/video communication
- All data transmitted via WebRTC are mandatorily encrypted in transit using standard AES (Advanced Encryption Standard) encryption which is the default cipher via SRTP (Secure Real-Time Transport Protocol), which is the security extension for network protocol designed for multimedia telephony along with DTLS (Datagram Transport Layer Security), which provides a secure communication protocol to prevent eavesdropping, modification, replaying and other such security attacks on datagrams.
- In addition to the above, Media streams will be encrypted using aes-128-xts mode. [aes-256-xts, aes-128-ecb can also be supported based on configuration]
All data is encrypted at rest with AES 256 standard. Encryption keys are managed using FIPS 140-2 compliant Hardware Security Modules.

Is Airmeet Secure? What can you tell me about security and encryption at Airmeet? Print