WebRTC Development Services: Know About Encryption & OTT VoIP!

Encryption doesn’t always equal privacy

IT departments have all the means necessary to manage voice communication over the enterprise network and know the ins and outs of those communications. Some enterprises have compliance requirements to which they must adhere, some have security considerations and others have reasons to “know what’s happening in their network”.

With traditional VoIP systems, achieving the above is relatively a simple task.

However, OTT VoIP traffic is a different story. And in the case of OTT, most enterprises settle with one of the following options:

  • Block it
  • Live with the reality

The question is, are these the only two options available and what do enterprises really want to do about OTT VoIP?

Border TURN server

Some enterprises are adding a new entity to the border of their network, a border TURN server that forces all VoIP media traffic to go through it. This includes enterprise managed VoIP as well as OTT. VoIP media that doesn’t go through the border TURN server is blocked.

Adding this entity and blocking all VoIP media that doesn’t go through the border TURN server creates a problem for WebRTC communication & development because only one TURN server address can be provided for the peer connection establishment procedure. Since many services require media to go through an application TURN server, the border TURN server is left out of the flow and media that doesn’t go through, is blocked.

Since WebRTC media is always encrypted, what is the point in requiring it to pass through the border TURN server?

RTCWeb.in Services — Hire Best Custom WebRTC Development Services | Top WebRTC App Development Solutions | Real-time Communication

Since all media flows through the border TURN server, there are some basic things it can “know” — such as the source, destination and length of a call.

With this knowledge, the server can block calls from black listed addresses, limit/monitor call duration and collect this information.

These capabilities are pretty basic and I wanted to know if there was more a border TURN server can detect in an encrypted media stream.

Some might be surprised to learn that there is a significant amount of information that can be extracted from an encrypted media stream. There are studies that show it is possible to identify the language of the conversation. Other studies show it is possible to unveil the identity of the speakers on such a call and even create approximate transcriptsof encrypted VoIP calls by identifying words in the stream.

Key Takeaways

  • Border TURN servers are being deployed at enterprises. Though they impose problems on WebRTC communication, RETURN is planned by the IETF as a solution.
  • Given the limitations border TURN servers impose on OTT traffic, my personal view is that they would be counterproductive in most cases as they limit Bring Your Own OTT (BYOO) in the enterprise
  • If you thought that your WebRTC call is private…think again.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store