How WebRTC Uses SRTP for Secure Media

WebRTC (Web Real-Time Communication) relies on the Secure Real-time Transport Protocol (SRTP) to ensure that audio and video streams transmitted between peers remain private and secure. This article explores how WebRTC integrates SRTP, the cryptographic mechanisms behind it, and why this protocol is essential for preventing eavesdropping and tampering during real-time communication.

What is SRTP?

The Real-time Transport Protocol (RTP) is the standard format for delivering audio and video over IP networks. However, standard RTP does not have built-in security features. SRTP is a security profile that extends RTP to provide:

WebRTC mandates the use of SRTP for all media streams. Unencrypted RTP is not permitted in the WebRTC specification.

Key Exchange via DTLS-SRTP

Before SRTP can encrypt media, the two connecting peers must securely agree on encryption keys without exposing them to intermediaries. WebRTC accomplishes this using Datagram Transport Layer Security (DTLS).

The process, known as DTLS-SRTP, operates in the following sequence:

  1. Connection Establishment: The peers use ICE (Interactive Connectivity Establishment) to find a direct network path and establish a connection.
  2. DTLS Handshake: Once connected, the peers perform a DTLS handshake over the established data path. This handshake allows the peers to authenticate each other using self-signed certificates (which are validated against fingerprints exchanged earlier in the Session Description Protocol (SDP) signaling).
  3. Key Derivation: During the DTLS handshake, the peers negotiate cryptographic algorithms and generate a shared master secret. This secret is used to derive the encryption and authentication keys specifically for the SRTP media session.

By using DTLS to generate the keys, WebRTC ensures that key exchange happens directly between the peers (end-to-end), preventing signaling servers from accessing the media keys.

How SRTP Secures Media Packets

Once the keys are established, the WebRTC media engine processes outgoing media through the SRTP layer.

1. Selective Encryption

SRTP does not encrypt the entire packet. It encrypts only the RTP payload (the actual video or audio data). The RTP header—which contains routing information like sequence numbers, timestamps, and payload types—remains unencrypted. This allows network routers to prioritize and route the packets efficiently without needing to decrypt the media content.

2. Message Authentication and Integrity

To prevent tampering, SRTP appends a Cryptographic Message Authentication Code (HMAC) to the end of each packet. WebRTC commonly uses algorithms like HMAC-SHA1 or AEAD (Authenticated Encryption with Associated Data) ciphers like AES-GCM. The receiver uses this code to verify that the packet header and encrypted payload have not been modified since they were sent.

3. Replay Protection

SRTP maintains a “sliding window” index of recently received packet sequence numbers. If an attacker captures an SRTP packet and attempts to inject it back into the stream later, the receiver detects the duplicate sequence number and immediately discards the packet.

Conclusion

WebRTC utilizes SRTP to guarantee end-to-end security for real-time media. By combining DTLS for secure peer-to-peer key exchange with SRTP for low-latency media encryption, authentication, and replay protection, WebRTC ensures that web-based voice and video communications remain private, secure, and tamper-proof.