Security Mechanisms for Signaling in WebRTC-Based Peer-to-Peer Networks

D. Boldt, Sebastian Ebers

Abstract

Chord is an efficient and well-known way to create an overlay for a structured peer-to-peer network. We use Chord for a peer-to-peer network built on WebRTC, a set of protocols for direct connections between web browsers. However, Chord lacks mechanisms for authentication and end-to-end confidentiality. Thus, a man-in-the-middle attack could occur when two peers negotiate WebRTC parameters for a direct connection. We solve this security vulnerability with hybrid encryption: Each host generates a unique long-term asynchronous key pair for authentication and short-term asynchronous key pairs to establish synchronous secret keys. With these, peers can exchange WebRTC connection parameters via end-to-end authenticated and encrypted messages over multiple hops and thus establish a direct connection in a secure fashion.
Original languageEnglish
Title of host publication2017 International Conference on Computational Science and Computational Intelligence (CSCI)
Number of pages6
PublisherIEEE
Publication date01.12.2017
Pages19-24
ISBN (Print)978-1-5386-2653-5
ISBN (Electronic)978-1-5386-2652-8
DOIs
Publication statusPublished - 01.12.2017
Event2017 International Conference on Computational Science and Computational Intelligence (CSCI) - Las Vegas, United States
Duration: 14.12.201716.12.2017

Fingerprint

Dive into the research topics of 'Security Mechanisms for Signaling in WebRTC-Based Peer-to-Peer Networks'. Together they form a unique fingerprint.

Cite this