Wednesday, May 28, 2014

[WebRTC] Overview and analysis of webRTC media transmission and security with DTLS-SRTP Part - 1

What is webRTC?

WebRTC is an API definition being drafted by the World Wide Web Consortium to enable browser-to-browser applications for voice calling, video chat, and P2P file sharing without plugins.

In short webRTC make you independent from any messenger type application/plug-in that you need to use for a audio/video call.


Call Mechanism in WebRTC:  


Call Attributes:
  • Signaling (SIP/XMPP/Other)
  • ICE (ICE LITE rfc5245)
  • DTLS
  • SRTP
  • PCMU/OPUS for Audio
  • VP8 for Video
Signaling:

This  attribute is necessary for advertising someones' SDP or ICE-Candidate to remote buddy for a call. This can be done by many IETF standard protocol such as - SIP, XMPP or any other protocol.

ICE:

Lite ice is a must for webRTC. Because lite ice support aggressive nomination of ice candidate selection. Which enable a call more faster then any other call. Because the endpoint doesn't need to wait for all the ICE check completion before sending any media. This enables less handshake and early media technique.

DTLS:

DTLS is a transport layer security over datagram (UDP). Its' basically used for SRTP key and certificate negotiation between 2 clients. It is specified on webRTC standard that the SRTP SDES key that are transmitted over websocket is less secure then DTLS SRTP key negotiation. Because in DTLS negotiation SRTP keying material is collected in the time of negotiation and after a certificate fingerprint verification.     

In webRTC call mechanism with SDP a certain other attribute called a=fingerprint: is negotiated with SDP.

v=0
o=Mozilla-SIPUA-27.0.1 25262 1 IN IP4 0.0.0.0
s=Robel Sharma - firefox
t=0 0
a=ice-ufrag:89560a2d
a=ice-pwd:8d80078c1cb16007ee92a607c8f42006
a=fingerprint:sha-256 28:99:57:E4:CE:6F:C6:E4:A2:21:A6:9E:9C:52:EA:A3:FE:99:01:8C:68:31:8B:C3:83:16:3A:92:37:C8:5B:24
m=audio 52345 UDP/TLS/RTP/SAVPF 109 101


This finger print  attribute contain the sha-256 fingerprint value of a valid certificate. Later this value is used for verification.

3 comments:

  1. Thanks for guides. I like your all post. I am very happy for webrtc service.
    webrtc video

    ReplyDelete
  2. I hope every person need to know webrtc video. I appreciate for share this.
    webrtc video

    ReplyDelete
  3. Thanks for sharing your honest experience. When I first took a look at my head shots,
    I wasn’t too thrilled with mine but you’ve given me a new perspective!

    Virtual Edge

    ReplyDelete

How to enable hotspot in TPG iPhone

 By default, the hotspot does not work on the phone. It will ask you to contact the provider. This video will help you bypass the network ...