Security protocols
How can you be sure that your communications are safe and private?
Jitsi supports the Off-The-Record (OTR) protocol to encrypt IM conversations. OTR uses 128-bit AES, along with a couple of other hash functions, to provide authentication and forward secrecy along with encryption. Jitsi also uses the ZRTP protocol to negotiate keys when it’s establishing a connection via the RTP protocol to exchange audio and video.
GNURing offers end-to-end encryption along with TSL/SSL support for secure connections between users. It’s the only tool on our list to offer a completely distributed IM solution, but the feature comes with its own set of pros and cons.
By default, OpenMeetings uses HTTP protocol to connect the client to the server. It similarly uses RTMP protocol to transfer audio/video as well as user login credentials. The website provides instructions on how to use the HTTPS and RTMPS protocols instead.
The uTox client is based on the Tox protocol. It uses the NaCl crypto library to enforce end-to-end encryption with perfect forward secrecy. The protocol essentially generates a temporary public/private key pair which is used to make connections to non-friend peers. Tox clients additionally use Onion routing to store and locate Tox Ids. This last step makes it practically impossible to associate users to each other.