Understand WebRTC basics to maximize deployment and adoption
A comprehensive collection of articles, videos and more, hand-picked by our editors
It is true that Web Real-Time Communications (WebRTC) is encrypted, but additional security measures are still...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Without some third-party identity service or certificate authority, however, WebRTC media flows are vulnerable against attacks like a man-in-the-middle (MitM) attack, where an intruder intercepts communication between a user and a website. For example, ZRTP: Media Path Key Agreement for Unicast Secure RTP provides protection against MitM attackers using key continuity augmented with a Short Authentication String, in which two users verify that there is no MitM by verbally comparing two strings. An IETF memo describes how ZRTP can be used over the WebRTC data channel to provide MitM protection for WebRTC media flows keyed using DTLS-SRTP. This provides users protection against MitM attackers without requiring browsers to support ZRTP or requiring users to download a plugin or extension to implement ZRTP.
Further, I would argue that security should be applied to any source that contains embedded code to further guard against denial-of-service attacks and other attacks that could make the transmission unavailable. As with all things Internet, you have to secure transmissions of any kind to protect them from vulnerabilities.
How WebRTC can pose security threats
E-SBCs take on WebRTC security
New WebRTC apps focus on user experience
Related Q&A from Carrie Higbie Goetz
The next generation of wireless broadband, 5G, promises faster speeds and better coverage than current wireless technology. New mobile UC features ...continue reading
Preparing a request-for-proposal document for a potential UC cloud service requires several elements. Learn how to craft a thorough RFP to meet your ...continue reading
Security is a priority when moving communications to the cloud. Organizations must do their due diligence when evaluating cloud providers' UC ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.