WebRTC Encryption and Security: Everything You Need to KnowNovember 5, 2020
The good news is that WebRTC is very secure. The bad news is that no system is without flaws and WebRTC security is complicated. In this post, I will discuss how WebRTC approaches security, identify some known weak areas, and discuss how WebRTC is continuing to improve its security.
Multiple Security Approaches
WebRTC is a complex, layered protocol that exists in a complex layered ecosystem of application code, browsers, native devices, and infrastructure elements. WebRTC approaches security from several different angles. First, it is secured at the protocol level. Second, using the browser as a reference, it requires a protected and private execution environment. Third, it follows best security practices by engaging its community of developers.
Protocol Layer — Mandatory Encryption Specifications
Mandatory Media Encryption
Unlike other VoIP and video conferencing technologies, encryption is mandated in WebRTC. To send video, voice, or data between two peers in WebRTC, the information must be encrypted with Secure Real Time Protocol (SRTP). SRTP encrypts the session, so no one can decode the message without the proper encryption keys. In fact, the unencrypted version of RTP is explicitly forbidden by the IETF specifications that define WebRTC.
Mandatory Secure Encryption Key Exchange
In addition, the WebRTC specifications mandate secure setup of the encryption channel to make it difficult to obtain the encryption keys. Locking your house doesn’t do much good if it is easy to find the key under your doormat. Many key exchange mechanisms such as SDES, MIKEY, and ZRTP may be used to set up this encrypted channel. Systems like SDES and MIKEY leverage the signaling channel to transmit this key data. This means if the signaling channel is compromised, the data could be unencrypted by a third party. To prevent this possibility, the WebRTC specifications mandate the use of DTLS-SRTP where keys are exchanged directly between peers on the media plane. Despite the fact that SDES is still widely used in many VoIP systems, it is specifically barred from use in WebRTC because it is not secure enough.
Lastly, WebRTC requires a secure connection between the web server that handles signaling and the peer client. This helps to keep the information in that signaling channel secure and makes it more difficult for an attacker to act as a man-in-the-middle and quietly take over the session. Signaling is secured using the HTTPS protocol — the same one most websites now use.
WebRTC security points in a peer-to-peer architecture providing end-to-end encryption
In live streaming environments, the server acts as both a signaling server and WebRTC media peer, but the same secure interfaces are used.
WebRTC security points in a live streaming architecture like Wowza Streaming Engine
WebRTC Is Secured by the Browser
WebRTC is further secured by operating in a browser sandbox. Web browsers are the most commonly used applications and have developed sophisticated security and privacy features. These features help to isolate web applications, keep sensitive user information like credit cards secure, and project hijacking of the browser to launch attacks.
Browser Security and Privacy Protections
Browser vendors are subject to strict security standards as defined by the W3C and underlying Internet specifications, like those for the WebRTC protocol. This is one top of security mechanisms at the Operating System level like limiting which applications can use the camera. Competition among major browsers like Chrome, Firefox, Edge, and Safari among others has also made them very sensitive to their users security and privacy needs in general, and particularly for WebRTC. Specific examples of WebRTC security and privacy controls include:
- HTTPS: Use of HTTPS is required to access WebRTC features (with some small exceptions for development)
- Media access permissions: Users must explicitly grant permissions to individual sites before accessing camera, microphone, or screen sharing video
- Visual usage indicators: Prominent indicators must show when your camera, microphone, and screen sharing is being used.
- Anonymizing device information: Device information remains hidden until the user has given some permissions for the site.
- IP leakage protections: Limitations and options on sharing IP address information help avoid privacy and tracking issues.
Implementation of these features does vary, but most are similar across major browsers.
Mobile OSs Have Similar Controls
Many native mobile applications also incorporate an embedded browser framework to utilize some or all of these features. Even if not using an embedded browser, major mobile operating systems like Android and iOS implement similar controls and have additional security and privacy checks through their app store submission procedures.
WebRTC Is Secured by the Community
There are 2 main philosophies to security:
- Security by obscurity: Keep the mechanisms of your system secret to make it harder to discover and compromise.
- Security by design: Make the mechanisms of your system open, invite others to try to break in, and improve the design through feedback.
Security researchers and organizations generally do not condone the first philosophy. For example, the National Institute of Standards and Technology (NIST) says “System security should not depend on the secrecy of the implementation or its components.” It is well known that secrecy never lasts forever, especially in the face of motivated adversaries.
WebRTC subscribes to security by design philosophy. Communications across browsers and devices over the Internet requires open standards, so WebRTC has little choice at the protocol level. However, for security by design to work, it needs to have broad scrutiny. The browsers that run WebRTC are all open source (e.g., WebKit for Safari, Chromium for Chrome & Edge, Gecko for Firefox, etc.) and thoroughly tested. The core WebRTC project is also open source and accompanied by dozens of different implementations actively supported by thousands of developers who are constantly reviewing and improving WebRTC in all aspects, including security.
Security Depends on the Service
WebRTC mandates encryption at the protocol level. It is subject to rigorous privacy and security controls when run inside a browser environment, but what about services that don’t use the browser? While WebRTC is primarily designed for browser-to-browser communication, many different infrastructure devices are commonly used in WebRTC services.
The table below summarizes common types of WebRTC server infrastructure and high-level security implications:
|Infrastructure device||What it does||Security implications|
|Signaling server||Authenticates users, sets up and relays signaling information between clients||Significant — user credential information needs to be guarded; privacy and usage tracking implications (like any internet service)|
|STUN server||Response with a client’s public IP address||Minimal — some privacy / usage tracking implications|
|TURN server||Relays client media when a direct connection between peers cannot be established due to firewall or NAT traversal issues||Minimal – some privacy / usage tracking implications but media is never decrypted|
|Media server||SFU, MCU, and live streaming servers that forward, mixes, and or save media from clients||Very significant — media server devices typically decrypt and encrypt media and are potential vulnerability points|
Inherent Internet Security Issues
Signaling services are essentially web application servers and need to be secured like any application. Users should be weary of who they are connecting too. Fortunately, browser and app store safeguards minimize bad providers – but bad users are another problem. “Zoom bombing” is an example where someone obtains video conferencing meeting information to join and disrupt the meeting. WebRTC service providers can prevent this by giving their users authentication mechanisms that restrict entry to authorized users and leverage moderation controls to remove and block bad actors quickly. For example, Wowza has APIs that control WebRTC stream access and duration.
Media Server Risks
While other servers like STUN and TURN are sometimes needed, these never gain access to unencrypted media, and thus don’t present much of a risk. Other servers, particularly media servers like Selective Forwarding Units (SFUs) that enable multi-party video conference calls or live streaming servers, introduce more difficult risks. These servers decrypt the media before restransmitting it with new encryption keys. Oftentimes this decryption cannot be avoided. If the media server needs to manipulate the media then it must perform decryption to access that media. For example, in live streaming networks, the media server needs to decrypt the media to resize, recompose, and convert the format for use by a Content Delivery Network (CDN).
If these servers are compromised, then the user media streams could be at risk. It is important that media server operators follow best security practices when deploying their infrastructure and managing people to prevent unauthorized access. Much like browsers do for end users, these servers should avoid unintentional caching of sensitive unencrypted data. Sensitive information should never be at rest where an attacker could access it. The servers should also isolate the media streams internally from from other processes that could nefariously access it.
The level of security will also need to vary based on the application. For example, recordings may be needed for archiving and intentional redistribution. In that case the stream will certainly need to be saved to disk and made available, but that should be done in a controller, secure manner.
Is WebRTC Secure Enough?
No software system is perfectly secure, and WebRTC is no exception. For example, a Google Project Zero security researcher recently published a major exploit that worked on 7 out 14 of the most popular Android WebRTC applications. One one hand, it is very bad that such a serious issue could have made its way into applications used on billions of devices. On the other hand, the fact that there is deep security vulnerability research done in the public domain and that all but one of these applications rapidly fixed their issues is encouraging.
Like most software, there are a few general rules WebRTC developers can follow to minimize their attack surface for vulnerabilities:
- Keep core WebRTC libraries up to date. Old code generally has more vulnerabilities.
- Pay attention to bugs and security notices. Major WebRTC projects and browsers are generally very proactive in their notifications (if you know where to look).
- Turn off pieces of code you don’t use. WebRTC is a large and comprehensive system that many apps only need a part off; minimize the attack surface.
- Test and conduct RTC-specific security research. If you don’t find your issues, someone else will eventually.
- Secure your infrastructure – WebRTC may be secure, but if your web or media servers are insecure it could compromise the system. For example, features like Wowza’s publication authentication features to limit the attack opportunity for stream hijacking.
WebRTC is used every day by billions of people. Its security is certainly not perfect, but it provides the most secure approach by mandating security at a low level, working with an established security sandbox in many cases (the browser), and encouraging review by a large and very active community.