Title: WebRTC security measures and weaknesses
Authors: Ben Feher; Lior Sidi; Asaf Shabtai; Rami Puzis; Leonardas Marozas
Addresses: Faculty of Engineering Sciences, Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, P.O. Box 653, Beer-Sheva, 84105, Israel ' Faculty of Engineering Sciences, Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, P.O. Box 653, Beer-Sheva, 84105, Israel ' Faculty of Engineering Sciences, Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, P.O. Box 653, Beer-Sheva, 84105, Israel ' Faculty of Engineering Sciences, Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, P.O. Box 653, Beer-Sheva, 84105, Israel ' Faculty of Engineering Sciences, Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, P.O. Box 653, Beer-Sheva, 84105, Israel
Abstract: WebRTC is a technology that enables real-time communication between web browsers for information streaming, including text, sound or direct data transfer. WebRTC is supported by all major browsers and has a flexible underlying infrastructure. In this study, we review current state of WebRTC and analyse security shortcomings during acts of communication disruption, modification, and eavesdropping. In addition, we examine WebRTC security in experimental scenarios.
Keywords: web real-time communication; WebRTC; DTLS-SRTP; signalling; peer-to-peer; P2P; real-time communication; security.
DOI: 10.1504/IJITST.2018.092138
International Journal of Internet Technology and Secured Transactions, 2018 Vol.8 No.1, pp.78 - 102
Received: 17 Feb 2017
Accepted: 31 Aug 2017
Published online: 04 Jun 2018 *