AES encryption

If an AES key is specified in the Option/Connections dialogue, it is used to encrypt sound transmitted to that host using the Advanced Encryption Standard (AES) algorithm (FIPS-197), which supports encryption with keys of 128, 192, and 256 bits. In order to decrypt sound encoded with AES, the connection on the receiving machine must specify an identical AES key. The AES key phrase can be as long as 255 characters. The actual 128 bit AES key is generated by applying the MD5 algorithm to the given key phrase. You can specify a 256 bit AES key by entering two separate key phrases with a "+" character between them, for example:

nebulous concepts+dubious reasoning

The first 128 bits of the key will be generated from the portion of the key phrase before the plus sign, and the second 128 bits from the characters after it. For maximum security, you should use long and difficult to guess key phrases. Of course, you must balance this against the difficulty in remembering and entering them. But there's no point specifying a 256 bit key if it's generated from two easy to guess words.

If the "Hex" box is checked to the right of the AES key in the Option/Connections dialogue, the key is specified as a hexadecimal number consisting of the digits from 0 to 9 and the letters A-F. (Letters may be upper or lower case.) Hexadecimal keys may range from one to 64 digits; the key length is the smallest of 128, 192, or 256 bits which contains the number of digits given. If the digits specified do not fill the next larger key size, the least significant digits of the key are filled with zeroes. No hashing or other transformation is performed on a hexadecimal key; it is used precisely as specified. If you have a high-security key generator, for example, based on radioactive decay, you can employ the keys it creates without worrying about the security of the algorithms Speak Freely uses when keys are specified as text strings.
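The two key forms described above (text phrases hashed with MD5, and hexadecimal keys used as given), written out as an added Python example; this is not Speak Freely's own code. It assumes the phrase is split at the first "+", that each part is hashed as its UTF-8 bytes, and that the first hex digit is the most significant nibble of the first key byte; the function names are hypothetical.

```python
import hashlib
import string

KEY_SIZES_BITS = (128, 192, 256)


def key_from_phrase(phrase: str) -> bytes:
    """Text key: MD5(phrase) is the 128 bit key; 'a+b' yields MD5(a) || MD5(b)."""
    if not 1 <= len(phrase) <= 255:
        raise ValueError("key phrase must be 1 to 255 characters")
    # Assumptions: split at the first '+', hash the UTF-8 bytes of each part.
    parts = phrase.split("+", 1)
    return b"".join(hashlib.md5(p.encode("utf-8")).digest() for p in parts)


def key_from_hex(digits: str) -> bytes:
    """Hex key: used as given, zero-filled on the right to 128, 192 or 256 bits."""
    if not 1 <= len(digits) <= 64:
        raise ValueError("hex key must be 1 to 64 digits")
    if any(c not in string.hexdigits for c in digits):
        raise ValueError("hex key may contain only 0-9 and A-F")
    # Smallest key size that holds the digits given (4 bits per digit).
    bits = next(size for size in KEY_SIZES_BITS if len(digits) * 4 <= size)
    # Least significant (rightmost) digits are filled with zeroes; no hashing.
    return bytes.fromhex(digits.ljust(bits // 4, "0"))


def derive_key(key_field: str, hex_box: bool = False) -> bytes:
    """Dispatch on the state of the "Hex" box."""
    return key_from_hex(key_field) if hex_box else key_from_phrase(key_field)


if __name__ == "__main__":
    for field, hex_box in [
        ("nebulous concepts+dubious reasoning", False),  # example from the text
        ("nebulous concepts", False),                    # constructed
        ("0123456789ABCDEF0", True),                     # constructed, 17 digits
        ("A" * 33, True),                                # constructed, 33 digits
    ]:
        key = derive_key(field, hex_box)
        print(f"{len(key) * 8:3d} bits  {key.hex()}")
```

Each half of a 256 bit text key depends only on its own phrase, so the key is no harder to guess than the two phrases are; a hexadecimal key bypasses the hashing step entirely.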

Speak Freely will continue to correctly receive unencrypted sound from a given host even if an AES key is specified for the connection.

Since AES encryption is not specified as a part of the RTP and VAT protocols, it can be used only when transmitting in Speak Freely protocol.

The AES algorithm has been placed in the public domain and may be used in any manner, commercial or noncommercial, without a license.