The https traffic between mobile client and server, the browser and server negotiates the TLS version/encryption. As of Expressway 8.5, SSL3.0 is disabled by default, TLS 1.2 or above should be negotiated.
For the media, the JG server can be configured to enable/disable SRTP. If enabled, it uses AES_CM_128_HMAC_SHA1_32, which is a 128 bit key with authentication tag of 32 bits.
Please sign in to leave a comment.