Three pieces of advice when encrypting video communications
The open-source developer VNC lists the most important parameters that should be considered when encrypting video streams.
Both in working life (home office) and in education (homeschooling), videoconferencing has become an elementary communication channel that is now indispensable. Virtual Network Consult AG, based in Zug, Switzerland, believes that end-to-end encryption of video streams is the right way to achieve greater security. In this context, VNC names three important criteria in particular:
1. encryption via WebRTC: WebRTC is a proven industry standard for securing video streams. Similar to the Https protocol and like a VPN connection, the data is secured by a hermetic tunnel. WebRTC should be standard in modern video applications as secure encryption for video conferencing. WebRTC peer-to-peer is often sufficient for small numbers of participants and low bandwidth requirements.
2. the use of video bridges: However, with higher numbers of participants, the performance of WebRTC goes to its knees. This is why WebRTC-compatible video bridges are needed, as they require less bandwidth on the client side and are therefore more suitable for multiple video communication. Encryption of the transport connections is still based on WebRTC. The video bridge itself is operated on dedicated servers, which should be under the control of the respective organization. If video conferences are recorded, these often very large files should of course also be stored in encrypted form. The same also applies to whiteboards, for example.
3. end-to-end encryption: Videoconferencing is usually one of many communication channels, such as messenger, chat or e-mail, that are used in collaboration. Often, one or more formats are used in parallel. Therefore, from a security perspective, it is important to avoid application proliferation. Integrated communication suites with a common code base for all functional modules facilitate end-to-end encryption. This also generally applies to auditability of security standards. Partially functional video solutions on a closed-source basis, in contrast to open-source solutions, use proprietary, non-standardized software modules and thus make security audits more difficult. OMEMO-based encryption is therefore recommended for chat applications.
Source: VNC