Systems and methods for conducting secure VOIP multi-party calls

US10122767B2 · US · B2

Patent metadata
Publication number: US-10122767-B2
Application number: US-201514726108-A
Country: US
Kind code: B2
Filing date: May 29, 2015
Priority date: May 29, 2015
Publication date: Nov 6, 2018
Grant date: Nov 6, 2018

Abstract

Official abstract text for this publication.

System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: communicating, via a communication interface of a conference-call server, during a conference-call session, a plurality of data packets over a data network with a plurality of remote endpoints of the conference-call session, each data packet comprising a packet head and an encrypted packet payload comprising encrypted audio; receiving, via the communication interface during the conference-call session, at a cryptographic interface of the conference-call server coupled to the communication interface, the respective data packets sent from the respective remote endpoints, the cryptographic interface relaying the respective data packets to respective server-side hardware elements of a plurality of server-side secure hardware elements, the cryptographic interface comprising a plurality of individual physical-connection ports, each of the individual physical-connection ports configured to connect to the respective server-side secure hardware elements; each of the server-side secure hardware elements of the conference-call server establishing a respective cryptographic relationship with a different respective remote endpoint of the conference-call session at least in part by negotiating respective cryptographic key information with its respective remote endpoint, each such cryptographic relationship having its own security parameters that (i) include the cryptographic key information and (ii) are inaccessible to the communication interface; each server-side secure hardware element decrypting the encrypted packet payload of the respective relayed data packet using its respective security parameters; an audio mixer receiving the respective decrypted audio of the respective decrypted packet payload from the respective server-side secure hardware elements, mixing the respective decrypted audio, and providing unencrypted mixed audio back to each of the plurality of server-side secure elements; each server-side secure hardware element encrypting the unencrypted mixed audio using its respective security parameters; and parameters and the cryptographic interface outputting the respective encrypted mixed audio to the communication interface for transmission via the communication interface to the respective remote endpoint.

2. The method of claim 1, further comprising: receiving, at the conference-call server, a respective initiation request to initiate a respective secure communication connection from each remote endpoint of the plurality of remote endpoints, wherein, in response to receiving the respective initiation requests, the respective cryptographic relationships are established at least in part by relaying key information from the respective remote endpoints to the corresponding server-side secure hardware elements.

3. The method of claim 2, wherein establishing the respective corresponding cryptographic relationships comprises each server-side secure hardware element performing a key-exchange to generate a respective server decryption key to decrypt the respective encrypted audio from the respective remote endpoint and a respective server encryption key to encrypt the mixed audio.

4. The method of claim 3, wherein the respective key-exchanges comprise Diffie-Hellman key-exchanges.

5. The method of claim 1, further comprising: receiving, at the conference-call server, a global key from each remote endpoint of the plurality of remote endpoints; and authenticating, at the conference-call server, the global key at least in part by determining whether the global key is valid for use to participate in the conference-call session.

6. The method of claim 5, wherein authenticating the global key further comprises determining whether the global key is valid for a time and day on which the request is received.

7. The method of claim 5, further comprising: receiving, at the conference-call server, a request for the global key from one of the remote endpoints for participation in the conference-call session; the conference-call server retrieving the global key from a key-management database; and sending the global key from the conference-call server to the requesting remote endpoint.

8. The method of claim 1, further comprising: receiving, at the conference-call server, a segment key indicative of a group to which a user of the corresponding remote endpoint belongs; and authenticating, at the conference-call server, the corresponding segment key by determining whether the corresponding segment key is valid for use to participate in the conference-call session.

9. The method of claim 1, further comprising: receiving, at the conference-call server, a segment-key request for a segment key from one of the remote endpoints corresponding to a group to which a user of at least one other remote endpoint belongs; the conference-call server retrieving the segment key from a key-management database; and the conference-call server sending the segment key to the requesting remote endpoint.

10. A conference-call server comprising: a communication interface configured to communicate, during a conference-call session, a plurality of data packets over a data network with a plurality of remote endpoints of the conference-call session, each data packet comprising a packet header and an encrypted packet payload comprising encrypted audio; a cryptographic interface coupled to the communication interface, the cryptographic interface comprising a plurality of individual physical-connection ports, each of the individual physical-connection ports configured to connect to a respective server-side secure hardware element of a plurality of server-side secure hardware elements, the cryptographic interface configured to receive, via the communication interface during the conference-call session, the respective data packets sent from the respective remote endpoints and to relay the respective data packets to the respective server-side secure hardware elements; each server-side secure hardware element configured to: establish a respective cryptographic relationship with a different respective remote endpoint of the plurality of remote endpoints of the conference-call session at least in part by negotiating respective cryptographic key information with its respective remote endpoint, each such cryptographic relationship having its own security parameters that (i) include the cryptographic key information and (ii) are inaccessible to the communication interface; and decrypt the encrypted packet payload of the respective relayed data packet using its respective security parameters; an audio mixer configured to receive the respective decrypted audio of the respective decrypted packet payload from the respective server-side secure hardware elements, to mix the respective decrypted audio, and to provide unencrypted mixed audio back to each of the plurality of server-side secure hardware elements, wherein each server-side secure hardware element is further configured to encrypt the unencrypted mixed audio using its respective security parameters, wherein the cryptographic interface is further configured to output the respective encrypted mixed audio from the respective server-side secure hardware elements to the communication interface for transmission via the communication interface to the respective remote endpoint.

11. The conference-call server of claim 10, wherein the respective server-side secure hardware elements comprise respective microSD cards.

12. The conference-call server of claim 10, wherein the cryptographic interface is a hardware interface to the plurality of server-side secure hardware elements selected from the group consisting of: a

Classifications

  • H04L63/06 (Primary): for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08)

  • Indexing; Data structures therefor; Storage structures

  • Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer (H04L65/00 takes precedence; aspects not specific to the type of network H04M3/00; special services in those networks H04M3/42)

  • H04L63/065 (Primary): for group communications (cryptographic mechanisms or cryptographic arrangements for key management involving conference or group key H04L9/0833)

  • H04L65/403 (Primary): Arrangements for multi-party communication, e.g. for conferences (data switching systems for conference H04L12/18; arrangements for connecting several subscribers to a common circuit, i.e. affording conference facilities H04M3/56; television conferencing systems H04N7/15)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Nagravision Sa
What technology area does this patent fall under?
Primary CPC classification H04L63/06. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 6, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).