Keep the NSA out of WebRTC

254 points

13 years ago

The upcoming standard for real time communications on the web, WebRTC, currently makes DTLS mandatory to implement: All communications will be encrypted at all times with ephemerally keyed encryption. With DTLS-SRTP content interception will always be _possible_ to detect (e.g. by comparing session IDs) and when coupled with something like Persona (BrowserID) MITM becomes infesable. This is a massive step forward from today's Internet: Even where we have encryption it's almost user to service, not user to user and even that can usually be defeated by a downgrading attack.

Some parties have been periodically proposing that SDES ('Security Descriptions') be also made mandatory to implement (e.g. http://tools.ietf.org/html/draft-ohlsson-rtcweb-sdes-support-01), and Google's WebRTC stack already supports it. SDES sends the crypto keys over the signaling channel, making them visible to all the signaling servers at a minimum. SDES-SDES makes passive and undetectable monitoring possible and provides a false sense of security in a world where powerful parties bend the rule of law to engage in massive surveillance.

If you care about building infrastructure which ensures individual privacy I strongly encourage becoming informed and an active participant in the IETF RTCWeb working group: http://tools.ietf.org/wg/rtcweb/ The IETF is an open organization and thoughtful contributions from everyone, especially people who will be building systems using these standards, are welcome.

The security architecture draft http://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-06 and the mailing list archives are good starting points as well as the Wing draft on problems with SDES: http://tools.ietf.org/html/draft-wing-rtcweb-sdes-problems-00.

17 comments