Which GCM ciphers are supported by Meeting Server?


From version 2.9, the Meeting Server supports  GCM ciphers in SRTP media encryption, in AES-128 and AES-256 variants.

The order of preference of ciphers used by the Meeting Server for SIP calls is:
"AEAD_AES_128_GCM"  — AES encryption, 128 bit, GCM
"AEAD_AES_256_GCM" — AES encryption, 256 bit, GCM
"AES_CM_128_HMAC_SHA1_80" — AES encryption, 128 bit, 80 bit SHA1 authentication tag
"AES_CM_128_ HMAC_SHA1_32" — AES encryption, 128 bit, 32 bit SHA1 authentication tag

The cipher that is used in SIP calls may be determined by the call control infrastructure (for example, Cisco Unified CM) depending on how the trunks are configured. For example, trunks can be configured to force certain ciphers, notably GCM (128 or 256 variants) or to allow only 256 bit GCM.

To determine if a call leg's media is encrypted, follow these steps:

1. Using the Web Admin interface of the Meeting Server, select Configuration > API.
2. From the list of API objects, tap the ► after /callLegs.
3. Click on the object id of an existing call leg.
4. The parameter cipherSuite will indicate whether the call leg is encrypted and which SRTP encryption cipher suite is in use.

Last update:
29-Apr-2020
FAQ ID:
1494