Options for Securing RTP Sessions

The Real-time Transport Protocol (RTP) is used in a large number of different application domains and environments. This heterogeneity implies that different security mechanisms are needed to provide services such as confidentiality, integrity, and source authentication of RTP and RTP Control Protocol (RTCP) packets suitable for the various environments. The range of solutions makes it difficult for RTP-based application developers to pick the most suitable mechanism. This document provides an overview of a number of security solutions for RTP and gives guidance for developers on how to choose the appropriate security mechanism

Reflections on security options for the real-time transport protocol framework

The Real-time Transport Protocol (RTP) supports a range of video conferencing, telephony, and streaming video ap- plications, but offers few native security features. We discuss the problem of securing RTP, considering the range of applications. We outline why this makes RTP a difficult protocol to secure, and describe the approach we have recently proposed in the IETF to provide security for RTP applications. This approach treats RTP as a framework with a set of extensible security building blocks, and prescribes mandatory-to-implement security at the level of different application classes, rather than at the level of the media transport protocol

Options for Securing RTP Sessions

The Real-time Transport Protocol (RTP) is used in a large number of different application domains and environments. This heterogeneity implies that different security mechanisms are needed to provide services such as confidentiality, integrity, and source authentication of RTP and RTP Control Protocol (RTCP) packets suitable for the various environments. The range of solutions makes it difficult for RTP-based application developers to pick the most suitable mechanism. This document provides an overview of a number of security solutions for RTP and gives guidance for developers on how to choose the appropriate security mechanism

Implementation and Evaluation of Security on a Gateway for Web-based Real-Time Communication

Verkkopohjainen reaaliaikainen kommunikointi (WebRTC) on joukko uusia standardeja, jotka mahdollistavat selainten välisen multimediakommunikoinnin. Nämä standardit määrittelevät vaatimukset selaimille, sisältäen JavaScriptohjelmointirajapinnan sovelluskehittäjille, kuin myös mediatason protokollat, joita käytetään yhteyden muodostamiseen, median välittämiseen sekä tiedon salaukseen. Tuki interaktiiviselle yhteyden luomiselle (ICE) ja tiedon salaukselle toteutettiin olemassaolevalle yhdyskäytäväprototyypille. Kyseinen yhdyskäytävä oli alunperin luotu yhdistämään WebRTC-mahdollisuudet olemassaolevaan IP-pohjaiseen multimediaverkkoon, mutta siitä puuttui tarvittavat tietoturvaominaisuudet. Yhdyskäytävän suorituskyky mitattiin ja analysoitiin eri puhelutyypeillä WebRTC-käyttäjien välillä. Analyysi keskittyi kahteen suureeseen: yhdyskäytävän prosessointikuorma sekä pakettien viive. Yksittäisten puheluiden lisäksi yhdyskäytävää kuormitettiin kymmenellä HD videopuhelulla ja kymmenellä audiopuhelulla. Mittausten perusteella tehtyjen arvioiden mukaan kahden WebRTC-käyttäjän välillä olevan yksittäisen yhdyskäytävän suorituskyky yltää 14:stä yhtäaikaisesta HD videopuhelusta 74:ään yhtäaikaiseen audiopuheluun. Mediaaniviive pysyi kaikissa testeissä alle 0.2 millisekunnissa.Web Real-Time Communication (WebRTC) is a set of standards that are being developed, aiming to provide native peer-to-peer multimedia communication between browsers. The standards specify the requirements for browsers, including a JavaScript Application Programming Interface (API) for web developers, as well as the media plane protocols to be used for connection establishment, media transportation and data encryption. In this thesis, support for Interactive Connectivity Establishment (ICE) and media encryption was implemented to an existing gateway prototype. The gateway was originally developed to connect the novel WebRTC possibilities with existing IP Multimedia Subsystem (IMS) services, but it was lacking the necessary security functionalities. The performance of the gateway was measured and analyzed in different call scenarios between WebRTC clients. Two key elements, CPU load of the gateway and packet delay, were considered in the analysis. In addition to single call scenarios, the tests included relaying of ten simultaneous HD video calls, and relaying of ten simultaneous audio calls. Estimates based on the measurements suggest, that the overall capacity of a single gateway between two WebRTC clients ranges from 14 simultaneous HD video calls to 74 simultaneous audio calls. The median delay in the gateway remained under 0.2 milliseconds throughout the testing

Real-time Audio-Visual Media Transport over QUIC

We consider the problem of how to transport low-latency, interactive, real-time traffic over QUIC. This is needed to support applications like WebRTC, but difficult to support due to the reliable, unframed, nature of QUIC streams. We review the needs of low-latency real-time applications and how they have been supported in previous protocols, then propose a minimal set of extensions to QUIC to provide such support. Compared to a raw datagram service, our extensions provide meaningful support for partially reliable and real-time flows, in a backwards compatible manner

Peer-to-Peer Conferencing using Blockchain, WebRTC and SIP

  The owner of the centralized video platform has more control over uploaded content than the content producer does. But the other Blockchain-based decentralized video services are attempting to reduce ad pressure and get rid of middlemen. The article suggests a combination of a safe encryption technique and an access control mechanism created "with technology" to create a successful decentralized video streaming platform built on the Blockchain. Peer-to-peer (P2P) overlays are one of the complicated network applications and services that have been migrated to the Web as a result of the increasing support for Web Real-Time Communication (WebRTC) standard in modern browsers for real-time communications. The expansion of access networks’ bandwidth also makes it possible for end users to start their own content businesses. This paper presents a preliminary proposal of metrics and technologies to move toward a decentralized cooperative architecture for large-scale, real-time live stream content de- livery based on WebRTC, without the requirement of a Content Delivery Network (CDN) infrastructure. The paper takes into account the light of the aforementioned aspects [6]

Performance Evaluation of WebRTC-Based Video Conferencing: A Comprehensive Analysis

In an ever-evolving technological landscape, addressing the performance challenges of real-time communication protocols is crucial. Real-time communication, facilitated by streaming media protocols, utilizes peer-to-peer or client-server models to enhance Quality of Service (QoS). WebRTC (Web Real-Time Communication) stands as a widely adopted, browser-based, open-source, peer-to-peer protocol, offering real-time media transmission through JavaScript APIs without third-party plugins. This paper presents an in-depth performance evaluation of a WebRTC-based video conferencing system using Socket.io services on a Node.js server. Our research expands on recent studies by introducing a comprehensive set of performance parameters, including Processing delay, CPU Utilization, Latency, Jitter, and Packet Loss, and packet delay. Our findings indicate that WebRTC performs exceptionally well within specific latency thresholds. However, scalability concerns emerge when a large number of clients are introduced, especially in bandwidth-constrained environments

Guidelines for using the multiplexing features of RTP to support multiple media streams

The Real-time Transport Protocol (RTP) is a flexible protocol that can be used in a wide range of applications, networks, and system topologies. That flexibility makes for wide applicability but can complicate the application design process. One particular design question that has received much attention is how to support multiple media streams in RTP. This memo discusses the available options and design trade-offs, and provides guidelines on how to use the multiplexing features of RTP to support multiple media streams