Verifying privacy of web real-time communications (WebRTC) media channels via corresponding WebRTC data channels, and related methods, systems, and computer-readable media
Abstract
Verification of privacy of Web Real-Time Communications (WebRTC) media channels via corresponding WebRTC data channels, and related methods, systems, and computer-readable media are disclosed. In this regard, in one embodiment, a method for verifying privacy of a WebRTC media channel comprises establishing the WebRTC media channel between first and second WebRTC clients using a keying material. The method further comprises establishing a corresponding WebRTC data channel between the first and second WebRTC clients using the keying material, and negotiating, in the WebRTC data channel, a cryptographic key exchange. The method also comprises generating a first and a second Short Authentication String (SAS) based on the cryptographic key exchange in the WebRTC data channel. The method further comprises displaying the first SAS and the second SAS, such that a mismatch between the first SAS and the second SAS indicates an existence of a man-in-the-middle (MitM) attacker.
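The SAS comparison described in the abstract, as an added example that is not part of the patent text: two clients complete a key exchange, each derives a SAS from it, and the strings differ when an intermediary has substituted its own key. The ECDH curve, the SHA-256 derivation, the 4-character base-32 SAS format and all function names are assumptions of this example, and the data channel is simulated by passing public keys between in-process objects.

```javascript
// Added example (not from the patent): SAS comparison after an in-channel key exchange.
const nodeCrypto = require("node:crypto");

// Assumption: ephemeral ECDH on P-256 stands in for the "cryptographic key exchange".
function newEndpoint() {
  const ecdh = nodeCrypto.createECDH("prime256v1");
  ecdh.generateKeys();
  return ecdh;
}

// Assumption: SAS = top 20 bits of SHA-256(shared secret || initiator key || responder key),
// rendered as 4 base-32 characters so two people can read it aloud and compare.
const ALPHABET = "ybndrfg8ejkmcpqxot1uwisza345h769";
function deriveSas(self, peerPub, initiatorPub, responderPub) {
  const digest = nodeCrypto.createHash("sha256")
    .update(self.computeSecret(peerPub))
    .update(initiatorPub)
    .update(responderPub)
    .digest();
  const bits = digest.readUInt32BE(0) >>> 12; // keep the top 20 bits
  let sas = "";
  for (let shift = 15; shift >= 0; shift -= 5) sas += ALPHABET[(bits >>> shift) & 31];
  return sas;
}

// Untampered channel: each client receives the other's real public key.
function directCall() {
  const a = newEndpoint(), b = newEndpoint();
  const aPub = a.getPublicKey(), bPub = b.getPublicKey();
  return { first: deriveSas(a, bPub, aPub, bPub), second: deriveSas(b, aPub, aPub, bPub) };
}

// Intercepted channel: an intermediary presents its own key to each client,
// so the two clients complete different exchanges and derive different SAS values.
function relayedCall() {
  const a = newEndpoint(), b = newEndpoint(), m = newEndpoint();
  const aPub = a.getPublicKey(), bPub = b.getPublicKey(), mPub = m.getPublicKey();
  return { first: deriveSas(a, mPub, aPub, mPub), second: deriveSas(b, mPub, mPub, bPub) };
}

// A 20-bit SAS leaves a 1-in-2^20 chance that two different exchanges collide.
function privacyVerified({ first, second }) {
  return first === second;
}

console.log("direct :", directCall());
console.log("relayed:", relayedCall());
```

The comparison only protects the call if the two users compare the displayed strings over the media channel itself, for example by reading them aloud.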
20 Claims
1. A method for verifying privacy of a Web Real-Time Communications (WebRTC) media channel, comprising:
establishing, by a first WebRTC client executing on a first computing device and a second WebRTC client executing on a second computing device, a WebRTC media channel between the first WebRTC client and the second WebRTC client using a keying material;
establishing, using the same keying material, a WebRTC data channel between the first WebRTC client and the second WebRTC client corresponding to the WebRTC media channel;
negotiating, in the WebRTC data channel, a cryptographic key exchange between the first WebRTC client and the second WebRTC client;
generating a first Short Authentication String (SAS) and a second SAS based on the cryptographic key exchange in the WebRTC data channel; and
displaying the first SAS via the first WebRTC client and the second SAS via the second WebRTC client, such that a mismatch between the first SAS and the second SAS indicates an existence of a man-in-the-middle (MitM) attacker.
10. A system for verifying privacy of a Web Real-Time Communications (WebRTC) media channel, comprising:
at least one communications interface;
a first computing device associated with the at least one communications interface and comprising a first WebRTC client, the first WebRTC client comprising a first WebRTC privacy verification agent; and
a second computing device associated with the at least one communications interface and comprising a second WebRTC client, the second WebRTC client comprising a second WebRTC privacy verification agent;
the first WebRTC client and the second WebRTC client configured to establish a WebRTC media channel between the first WebRTC client and the second WebRTC client using a keying material; and
the first WebRTC privacy verification agent and the second WebRTC privacy verification agent configured to:
establish, using the same keying material, a WebRTC data channel between the first WebRTC client and the second WebRTC client corresponding to the WebRTC media channel;
negotiate, in the WebRTC data channel, a cryptographic key exchange between the first WebRTC client and the second WebRTC client;
generate a first Short Authentication String (SAS) and a second SAS based on the cryptographic key exchange in the WebRTC data channel; and
display the first SAS via the first WebRTC client and the second SAS via the second WebRTC client, such that a mismatch between the first SAS and the second SAS indicates an existence of a man-in-the-middle (MitM) attacker.
16. A non-transitory computer-readable medium having stored thereon computer-executable instructions to cause a processor to implement a method, comprising:
establishing a Web Real-Time Communications (WebRTC) media channel between a first WebRTC client and a second WebRTC client using a keying material;
establishing, using the same keying material, a WebRTC data channel between the first WebRTC client and the second WebRTC client corresponding to the WebRTC media channel;
negotiating, in the WebRTC data channel, a cryptographic key exchange between the first WebRTC client and the second WebRTC client;
generating a first Short Authentication String (SAS) and a second SAS based on the cryptographic key exchange in the WebRTC data channel; and
displaying the first SAS via the first WebRTC client and the second SAS via the second WebRTC client, such that a mismatch between the first SAS and the second SAS indicates an existence of a man-in-the-middle (MitM) attacker.
Specification