Security Mechanisms for Signaling in WebRTC-Based Peer-to-Peer Networks

D. Boldt, Sebastian Ebers

Abstract

Chord is an efficient and well-known way to create an overlay for a structured peer-to-peer network. We use Chord for a peer-to-peer network built on WebRTC, a set of protocols for direct connections between web browsers. However, Chord lacks mechanisms for authentication and end-to-end confidentiality. Thus, a man-in-the-middle attack could occur when two peers negotiate WebRTC parameters for a direct connection. We solve this security vulnerability with hybrid encryption: Each host generates a unique long-term asynchronous key pair for authentication and short-term asynchronous key pairs to establish synchronous secret keys. With these, peers can exchange WebRTC connection parameters via end-to-end authenticated and encrypted messages over multiple hops and thus establish a direct connection in a secure fashion.
OriginalspracheEnglisch
Titel2017 International Conference on Computational Science and Computational Intelligence (CSCI)
Seitenumfang6
Herausgeber (Verlag)IEEE
Erscheinungsdatum01.12.2017
Seiten19-24
ISBN (Print)978-1-5386-2653-5
ISBN (elektronisch)978-1-5386-2652-8
DOIs
PublikationsstatusVeröffentlicht - 01.12.2017
Veranstaltung2017 International Conference on Computational Science and Computational Intelligence (CSCI) - Las Vegas, USA / Vereinigte Staaten
Dauer: 14.12.201716.12.2017

Fingerprint

Untersuchen Sie die Forschungsthemen von „Security Mechanisms for Signaling in WebRTC-Based Peer-to-Peer Networks“. Zusammen bilden sie einen einzigartigen Fingerprint.

Zitieren