Open main menu

XMPP server encryption

XMPP server encryption - is basic encryption. Server encryption is intended so that attackers or spies cannot intercept messages with an open text without e2e. Without reliable server-side encryption, your data can be intercepted via public WI-FI or saved by the ISP. Connection to is impossible without encryption TLS.



  • TLS (RSA or ECC) - Basic encryption protects against hackers and espionage of the governments of most countries. Example:
you <=TLS c2s (medium protected)=> server <=> TLS s2s (medium protected) <=> server <=TLS c2s (medium protected) => your friend
  • StartTLS is also similar to TLS and does not have strong security differences if the certificate is trusted.

ECC vs RSA keys

  • RSA (Example: ECDHE-RSA-AES256-GCM-SHA384) is outdated encryption. Uses more server resources and uses less XMPP client resources and weaker encryption. By default RSA is weak, so it is strengthened by the ECC with the algoritm ECDHE
Equivalent bits keys AES vs RSA vs ECC
112 2048 224
128 3072 256
192 7680 384
256 15360 524

  • ECC (Example:ECDHE-ECDSA-AES256-GCM-SHA384) modern encryption uses less XMPP server resources and uses less XMPP client resources. In 2021, it will be adopted as a standard for all TLS certificates (Even RSA certificates will use CA ECC)
«The small key sizes make ECC very appealing for devices with limited storage or processing power, which are becoming increasingly common in the IoT. In terms of more traditional web server use cases, the smaller key sizes can offer speedier SSL handshakes (which can translate to faster page load times) and stronger security» - ECC vs RSA "GlobalSing"

Perfomance RSA vs ECC
Type bit sign sign/s
RSA 2048 0.000561s 1783.1
ECC 224 0.000100s 12410.4

Security level RSA and ECC

RSA or ECC security depends on more trust from the CA (Let'Encrypt or other) than on the type of encryption, but ECC certificates are considered more secure against a quantum computer. The larger the bit, the more qubit the quantum computer needs to break the encryption.

Server encryption RSA or ECC is weak protected against shadowing the users from country where the server is located or countries where the CA (Let's encrypt / USA) is located.With all the flaws, server encryption is useful and increases security.

Server encryption is high protected against hackers, interception of Wi-Fi, surveillance from third countries.To protect against espionage from the CA or the country of the server's location, you must use always e2e encryption.

It is worth known that the TLS ECC vs TLS RSA comparison describes only server encrypt using. OpenPGP RSA user certificates in XMPP client for e2e encryption are more secure than server-side RSA or ECC for TLS

your e2e openPGP / ОМЕМО/ OTR (high protected)<=TLS c2s (medium protected)=> server ECC<=> TLS s2s (medium protected) <=> server <=TLS c2s (medium protected) => your friend e2e openPGP / ОМЕМО/ OTR (high protected)

Dialback (no support

Dialback - At the time of the creation of XMPP certificates were paid. Many server owners have refused to pay for certificates. To solve the problem with paid certificates was coined dialback.Certificate verification is based on ip compliance. Encryption is used, but it is not secure. Example:

you <=TLS c2s (medium protected) => server <=> Dialback s2s (low protected) <=> server <= self-signet serfiticate + public wi-fi (Danger! Bad protected) => your inexperienced friend

Security level Dialback

Dialback is not able to protect from government surveillance and hacking by hackers and today outdated encryption for public servers. Dialback no support server When using e2e encryption dialback connection is safe, but connection dialback does not perform useful tasks for public servers. Dialback (without e2e) creates a false sense of security. To replace DialBack, it is recommended to use valid tls + e2e encryption.


DNSsec encrypts DNS requests to the server. DNSsec is enabled on