WebRTC traffic and end-to-end encryption


Chris Lercher

Apr 29, 2014, 8:58:27 AM
to turn-server-project...@googlegroups.com
Hi,

recently, I posted a question on SO (http://stackoverflow.com/questions/23085335/is-webrtc-traffic-over-turn-end-to-end-encrypted) and received a (probably?) good answer.

The short version of it is:

Q: Can I be sure that WebRTC traffic is end-to-end encrypted (the ends being the peers, not the server)? (Assuming of course, that I have a secure signaling channel, where authentication is already guaranteed)

A: Yes, WebRTC performs the end-to-end encryption in its application protocol, and TURN just relays the packets.

Is that correct?

I want to be able to tell my users with full confidence, that the operator of the TURN server has no way to eavesdrop on the conversation (assuming the software and protocol have no bugs etc.)

Thanks
Chris

Oleg Moskalenko

Apr 29, 2014, 11:18:12 AM
to Chris Lercher, turn-server-project...@googlegroups.com
WebRTC uses SRTP for media, so the server cannot decrypt the relayed media traffic.

Sent from my iPhone
--
You received this message because you are subscribed to the Google Groups "TURN Server (Open-Source project)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to turn-server-project-rfc57...@googlegroups.com.
To post to this group, send email to turn-server-project...@googlegroups.com.
Visit this group at http://groups.google.com/group/turn-server-project-rfc5766-turn-server.
For more options, visit https://groups.google.com/d/optout.

Peter Villeneuve

May 10, 2014, 10:02:58 AM
to turn-server-project...@googlegroups.com, Chris Lercher
Interesting discussion, but there's one caveat if my understanding of DTLS-SRTP is correct.
While the TURN server cannot decrypt the relayed media traffic (unless it does a MITM attack), isn't the server hosting the web app able to decrypt the traffic, since it knows the certificates used?

Philipp Hancke

May 10, 2014, 10:27:49 AM
to Peter Villeneuve, turn-server-project...@googlegroups.com, Chris Lercher
Hi Peter,

> While the TURN server cannot decrypt the relayed media traffic (unless it does a MITM attack), isn't the server hosting the web app able to decrypt the traffic since it knows the certificates used?


The web server hosting the JS or the signalling server only knows the certificate fingerprint (associated with the public key) from the a=fingerprint SDP line. The certificate's private key is not even known to the JS layer.

This is somewhat better than SDES, which transmitted the encryption key via the signalling path.

cheers

philipp

Peter Villeneuve

May 10, 2014, 10:44:15 AM
to turn-server-project...@googlegroups.com
Hi Philipp,

Thanks for clearing that up. I was probably bringing my SIP experience and thinking of SDES where the server can know the keys since they go through the signalling path as you rightly point out.
So I guess then that we can safely state that something like jitmeet is really end-to-end encrypted and the server admin can't eavesdrop even if he wanted to, correct?

Cheers

Oleg Moskalenko

May 10, 2014, 4:50:17 PM
to Peter Villeneuve, turn-server-project...@googlegroups.com
Yes, that's right. The TURN server has no ability to decrypt the relayed traffic.

Sent from my iPhone