SlideShare ist ein Scribd-Unternehmen logo

Insertable Streams and E2EE @ ClueCon2020

L
Lorenzo Miniero

Slides for the presentation on Insertable Streams and E2EE in WebRTC I presented at the virtual edition of ClueCon 2020. After an introduction on the past and recent E2EE efforts, the slides also present some efforts to integrate the technology in the Janus WebRTC server as well.

Technologie
1 von 52
Downloaden Sie, um offline zu lesen
Insertable Streams and E2EE in WebRTC: a Janus story Lorenzo Miniero ClueCon – Chicago, IL, USA (kinda!) August 5th 2020
Who am I? Lorenzo Miniero • Ph.D @ UniNA • Chairman @ Meetecho • Main author of Janus® Contacts and info • lorenzo@meetecho.com • https://twitter.com/elminiero • https://www.slideshare.net/LorenzoMiniero • https://soundcloud.com/lminiero
Just a few words on Meetecho • Co-founded in 2009 as an academic spin-off • University research efforts brought to the market • Completely independent from the University • Focus on real-time multimedia applications • Strong perspective on standardization and open source • Several activities • Consulting services • Commercial support and Janus licenses • Streaming of live events (IETF, ACM, etc.) • Proudly brewed in sunny Napoli, Italy
Home Sweet Home!
WebRTC reference architecture: peer-to-peer
WebRTC reference architecture: peer-to-peer
Involving a server as a peer
Involving a server as a peer
Breaking end-to-end encryption
Many reasons why that may be needed • Server being a “MITM” is often a feature, actually • It may need to transcode media • An MCU even more so! (e.g., FreeSwitch) • Recordings typically need access to unencrypted media too • Even when just relaying, access to payload may be sometimes required • e.g., Simulcast or SVC • Codec-specific info (e.g., temporal layer) may be in the payload • RTP headers would still need to be editable Can you get true E2EE even through a server? • Short answer: YES! • Slightly longer answer: it’s not that easy, though...
Many reasons why that may be needed • Server being a “MITM” is often a feature, actually • It may need to transcode media • An MCU even more so! (e.g., FreeSwitch) • Recordings typically need access to unencrypted media too • Even when just relaying, access to payload may be sometimes required • e.g., Simulcast or SVC • Codec-specific info (e.g., temporal layer) may be in the payload • RTP headers would still need to be editable Can you get true E2EE even through a server? • Short answer: YES! • Slightly longer answer: it’s not that easy, though...
Many reasons why that may be needed • Server being a “MITM” is often a feature, actually • It may need to transcode media • An MCU even more so! (e.g., FreeSwitch) • Recordings typically need access to unencrypted media too • Even when just relaying, access to payload may be sometimes required • e.g., Simulcast or SVC • Codec-specific info (e.g., temporal layer) may be in the payload • RTP headers would still need to be editable Can you get true E2EE even through a server? • Short answer: YES! • Slightly longer answer: it’s not that easy, though...
Many reasons why that may be needed • Server being a “MITM” is often a feature, actually • It may need to transcode media • An MCU even more so! (e.g., FreeSwitch) • Recordings typically need access to unencrypted media too • Even when just relaying, access to payload may be sometimes required • e.g., Simulcast or SVC • Codec-specific info (e.g., temporal layer) may be in the payload • RTP headers would still need to be editable Can you get true E2EE even through a server? • Short answer: YES! • Slightly longer answer: it’s not that easy, though...
An excellent talk on the challenges of E2EE! https://www.youtube.com/watch?v=a0vhHmONWlw
Privacy Enhanced RTP Conferencing (PERC) https://datatracker.ietf.org/wg/perc/about/
Not very popular among WebRTC developers, though... https://mailarchive.ietf.org/arch/msg/perc/x1HjohPL6ISuoNj7eE6HEre7O1E/
A simpler approach: PERC “Lite”
PERC Lite and Janus https://www.meetecho.com/blog/meetecho-and-cosmo-strike-again-perc-lite-integration-in-janus/
PERC Lite and Janus https://www.meetecho.com/blog/meetecho-and-cosmo-strike-again-perc-lite-integration-in-janus/
Replaying encrypted recordings (“DRM”)
Replaying encrypted recordings (“DRM”)
Enter Insertable Streams! • New browser API that allows custom processing on WebRTC frames • Key use case −→ E2EE! • Works with encoded frames, not individual packets • [OUT] audio/video frames after they’ve been encoded, but before RTP packetization • [IN] audio/video frames before they’ve been decoded, but after RTP de-packetization • Working with frames makes it protocol agnostic • Today it’s RTP, tomorrow it might be QUIC Some useful reads • https://www.meetecho.com/blog/janus-e2ee-sframe/ • https://webrtcbydralex.com/index.php/2020/03/30/ • https://webrtchacks.com/true-end-to-end-encryption-with-webrtc-insertable-streams/
Enter Insertable Streams! • New browser API that allows custom processing on WebRTC frames • Key use case −→ E2EE! • Works with encoded frames, not individual packets • [OUT] audio/video frames after they’ve been encoded, but before RTP packetization • [IN] audio/video frames before they’ve been decoded, but after RTP de-packetization • Working with frames makes it protocol agnostic • Today it’s RTP, tomorrow it might be QUIC Some useful reads • https://www.meetecho.com/blog/janus-e2ee-sframe/ • https://webrtcbydralex.com/index.php/2020/03/30/ • https://webrtchacks.com/true-end-to-end-encryption-with-webrtc-insertable-streams/
Enter Insertable Streams! • New browser API that allows custom processing on WebRTC frames • Key use case −→ E2EE! • Works with encoded frames, not individual packets • [OUT] audio/video frames after they’ve been encoded, but before RTP packetization • [IN] audio/video frames before they’ve been decoded, but after RTP de-packetization • Working with frames makes it protocol agnostic • Today it’s RTP, tomorrow it might be QUIC Some useful reads • https://www.meetecho.com/blog/janus-e2ee-sframe/ • https://webrtcbydralex.com/index.php/2020/03/30/ • https://webrtchacks.com/true-end-to-end-encryption-with-webrtc-insertable-streams/
Enter Insertable Streams! • New browser API that allows custom processing on WebRTC frames • Key use case −→ E2EE! • Works with encoded frames, not individual packets • [OUT] audio/video frames after they’ve been encoded, but before RTP packetization • [IN] audio/video frames before they’ve been decoded, but after RTP de-packetization • Working with frames makes it protocol agnostic • Today it’s RTP, tomorrow it might be QUIC Some useful reads • https://www.meetecho.com/blog/janus-e2ee-sframe/ • https://webrtcbydralex.com/index.php/2020/03/30/ • https://webrtchacks.com/true-end-to-end-encryption-with-webrtc-insertable-streams/
Insertable Streams workflow
Insertable Streams workflow
A few challenges with this approach • Encrypted payload may make life harder for SFUs • Useful info usually available in the payload • e.g., how to detect if we got a keyframe? • A few different solutions to this • Keep the first bytes unencrypted? (where that info is) • Ad-hoc RTP extensions for metadata (spec on its way!) • Encrypting the payload may confuse the RTP (de)packetizer • Each video codec has different rules • e.g., H.264 uses NALs, which wouldn’t be visible anymore • Solution more tricky to find, here • Keep info used for splitting unencrypted? (codec specific) • Even better, use a global RTP packetization for all codecs (spec coming!)
A few challenges with this approach • Encrypted payload may make life harder for SFUs • Useful info usually available in the payload • e.g., how to detect if we got a keyframe? • A few different solutions to this • Keep the first bytes unencrypted? (where that info is) • Ad-hoc RTP extensions for metadata (spec on its way!) • Encrypting the payload may confuse the RTP (de)packetizer • Each video codec has different rules • e.g., H.264 uses NALs, which wouldn’t be visible anymore • Solution more tricky to find, here • Keep info used for splitting unencrypted? (codec specific) • Even better, use a global RTP packetization for all codecs (spec coming!)
A few challenges with this approach • Encrypted payload may make life harder for SFUs • Useful info usually available in the payload • e.g., how to detect if we got a keyframe? • A few different solutions to this • Keep the first bytes unencrypted? (where that info is) • Ad-hoc RTP extensions for metadata (spec on its way!) • Encrypting the payload may confuse the RTP (de)packetizer • Each video codec has different rules • e.g., H.264 uses NALs, which wouldn’t be visible anymore • Solution more tricky to find, here • Keep info used for splitting unencrypted? (codec specific) • Even better, use a global RTP packetization for all codecs (spec coming!)
A few challenges with this approach • Encrypted payload may make life harder for SFUs • Useful info usually available in the payload • e.g., how to detect if we got a keyframe? • A few different solutions to this • Keep the first bytes unencrypted? (where that info is) • Ad-hoc RTP extensions for metadata (spec on its way!) • Encrypting the payload may confuse the RTP (de)packetizer • Each video codec has different rules • e.g., H.264 uses NALs, which wouldn’t be visible anymore • Solution more tricky to find, here • Keep info used for splitting unencrypted? (codec specific) • Even better, use a global RTP packetization for all codecs (spec coming!)
Enabling Insertable Streams pc = new RTCPeerConnection({ encodedInsertableStreams: true, forceEncodedAudioInsertableStreams: true, forceEncodedVideoInsertableStreams: true });
Adding a Sender Trasform senderTransform = new TransformStream({ start() { // Called on startup. }, transform(chunk, controller) { // Frame encoded, edit payload and return it [..] controller.enqueue(chunk); }, flush() { // Called when the stream is about to be closed } }); sender = pc.addTrack(track, stream) senderStreams = sender.createEncodedVideoStreams(); senderStreams.readableStream .pipeThrough(senderTransform) .pipeTo(senderStreams.writableStream);
Adding a Receiver Trasform as well receiverTransform = new TransformStream({ start() { // Called on startup. }, transform(chunk, controller) { // Received frame, edit payload and return it [..] controller.enqueue(chunk); }, flush() { // Called when the stream is about to be closed } }); pc.ontrack = function(event) { [..] receiverStreams = event.receiver.createEncodedVideoStreams(); receiverStreams.readableStream .pipeThrough(receiverTransform) .pipeTo(receiverStreams.writableStream); }
Integrated in janus.js a few weeks ago echotest.createOffer({ media: { audio: true, video: true }, senderTransforms: { audio: new TransformStream({ .. }), video: new TransformStream({ .. }) }, receiverTransforms: { audio: new TransformStream({ .. }), video: new TransformStream({ .. }) }, [..] success: function(jsep) { // Send offer to Janus } }); https://github.com/meetecho/janus-gateway/pull/2074
Testing basic E2EE in the Janus demos https://janus.conf.meetecho.com/e2etest
Testing basic E2EE in the Janus demos https://janus.conf.meetecho.com/e2etest
A step forward: Secure Frames (SFrame) • Co-developed by CoSMo and Google • Used in Google Duo for E2EE for a long time already • https://cosmosoftware.io/secure-frames-sframes/ • https://www.gstatic.com/duo/papers/duo_e2ee.pdf/ • Recently brought to the IETF as well (presented in DISPATCH @ IETF108) • https://tools.ietf.org/html/draft-omara-sframe-00 • https://mailarchive.ietf.org/arch/browse/sframe/ • Learned lessons from previous E2EE attempts • Minimizes overhead and impact on servers and clients • Works of frames, not packets, so transport agnostic • Interaction with KMS done out of band, and KMS agnostic (e.g., Signal or MLS)
A step forward: Secure Frames (SFrame) • Co-developed by CoSMo and Google • Used in Google Duo for E2EE for a long time already • https://cosmosoftware.io/secure-frames-sframes/ • https://www.gstatic.com/duo/papers/duo_e2ee.pdf/ • Recently brought to the IETF as well (presented in DISPATCH @ IETF108) • https://tools.ietf.org/html/draft-omara-sframe-00 • https://mailarchive.ietf.org/arch/browse/sframe/ • Learned lessons from previous E2EE attempts • Minimizes overhead and impact on servers and clients • Works of frames, not packets, so transport agnostic • Interaction with KMS done out of band, and KMS agnostic (e.g., Signal or MLS)
A step forward: Secure Frames (SFrame) • Co-developed by CoSMo and Google • Used in Google Duo for E2EE for a long time already • https://cosmosoftware.io/secure-frames-sframes/ • https://www.gstatic.com/duo/papers/duo_e2ee.pdf/ • Recently brought to the IETF as well (presented in DISPATCH @ IETF108) • https://tools.ietf.org/html/draft-omara-sframe-00 • https://mailarchive.ietf.org/arch/browse/sframe/ • Learned lessons from previous E2EE attempts • Minimizes overhead and impact on servers and clients • Works of frames, not packets, so transport agnostic • Interaction with KMS done out of band, and KMS agnostic (e.g., Signal or MLS)
A step forward: Secure Frames (SFrame)
A step forward: Secure Frames (SFrame)
SFrame.js: an open source SFrame library • Pure javascript library implementing SFrame using webcrypto • Developed by Sergio Garcia Murillo • https://github.com/medooze/sframe • Described in detail in a blog post and in the CommCon presentation • https://medium.com/@medooze/sframe-js-end-to-end-encryption-for-webrtc- f9a83a997d6d • https://www.youtube.com/watch?v=a0vhHmONWlw • Basically provides everything except the Key Management System (KMS) • Which makes sense, that should be up to you anyway! Helped Sergio testing it while integrating it in janus.js https://www.meetecho.com/blog/janus-e2ee-sframe/
SFrame.js: an open source SFrame library • Pure javascript library implementing SFrame using webcrypto • Developed by Sergio Garcia Murillo • https://github.com/medooze/sframe • Described in detail in a blog post and in the CommCon presentation • https://medium.com/@medooze/sframe-js-end-to-end-encryption-for-webrtc- f9a83a997d6d • https://www.youtube.com/watch?v=a0vhHmONWlw • Basically provides everything except the Key Management System (KMS) • Which makes sense, that should be up to you anyway! Helped Sergio testing it while integrating it in janus.js https://www.meetecho.com/blog/janus-e2ee-sframe/
SFrame.js: an open source SFrame library • Pure javascript library implementing SFrame using webcrypto • Developed by Sergio Garcia Murillo • https://github.com/medooze/sframe • Described in detail in a blog post and in the CommCon presentation • https://medium.com/@medooze/sframe-js-end-to-end-encryption-for-webrtc- f9a83a997d6d • https://www.youtube.com/watch?v=a0vhHmONWlw • Basically provides everything except the Key Management System (KMS) • Which makes sense, that should be up to you anyway! Helped Sergio testing it while integrating it in janus.js https://www.meetecho.com/blog/janus-e2ee-sframe/
SFrame.js: an open source SFrame library • Pure javascript library implementing SFrame using webcrypto • Developed by Sergio Garcia Murillo • https://github.com/medooze/sframe • Described in detail in a blog post and in the CommCon presentation • https://medium.com/@medooze/sframe-js-end-to-end-encryption-for-webrtc- f9a83a997d6d • https://www.youtube.com/watch?v=a0vhHmONWlw • Basically provides everything except the Key Management System (KMS) • Which makes sense, that should be up to you anyway! Helped Sergio testing it while integrating it in janus.js https://www.meetecho.com/blog/janus-e2ee-sframe/
Integrating SFrame.js in janus.js import {Janus} from ’./janus.js’; import {SFrame} from ’./sframe/Client.js’; ... echotest.createOffer({ media: { audio: true, video: true }, sframe: { outgoingId: 0, incomingId: 0, sharedKey: cryptoKey, // Generated previously keyPair: keyPair // Generated previously }, [..] success: function(jsep) { // Send offer to Janus } });
Integrating SFrame.js in janus.js if(callbacks.sframe) { Janus.log("Using SFrame to encrypt media end-to-end:", callbacks.sframe); config.sframe = callbacks.sframe; config.sframeClient = await SFrame.createClient(config.sframe.outgoingId, {}); // Sender part await config.sframeClient.setSenderEncryptionKey(config.sframe.shared); if(config.sframe.keyPair && config.sframe.keyPair.privateKey) { await config.sframeClient.setSenderSigningKey(config.sframe.keyPair.privateKey); } // Receiver part if(config.sframe.incomingId !== undefined && config.sframe.incomingId !== null) { await config.sframeClient.addReceiver(config.sframe.incomingId); await config.sframeClient.setReceiverEncryptionKey(config.sframe.incomingId, callbacks.sframe.shared); if(config.sframe.keyPair && config.sframe.keyPair.publicKey) { await config.sframeClient.setReceiverVerifyKey(config.sframe.incomingId, config.sframe.keyPair.publicKey); } } }
Integrating SFrame.js in janus.js // Have SFrame.js configure the Sender Transform var sender = config.pc.addTrack(track, stream); config.sframeClient.encrypt(sender.track.id, sender); ... // Have SFrame.js configure the Receiver Transform config.pc.ontrack = function(event) { [..] config.sframeClient.decrypt(event.track.id, event.receiver); [..] }
Testing SFrame with Janus https://www.meetecho.com/blog/janus-e2ee-sframe/
Testing SFrame with Janus https://www.meetecho.com/blog/janus-e2ee-sframe/
Thanks! Questions? Comments? Get in touch! • https://twitter.com/elminiero • https://twitter.com/meetecho • https://www.meetecho.com

Empfohlen

Janus + Audio @ Open Source World
Janus + Audio @ Open Source WorldJanus + Audio @ Open Source World
Janus + Audio @ Open Source WorldLorenzo Miniero
 
Simulcast/SVC @ IIT-RTC 2019
Simulcast/SVC @ IIT-RTC 2019Simulcast/SVC @ IIT-RTC 2019
Simulcast/SVC @ IIT-RTC 2019Lorenzo Miniero
 
Write a SocialTV app @ OpenSIPS 2021
Write a SocialTV app @ OpenSIPS 2021Write a SocialTV app @ OpenSIPS 2021
Write a SocialTV app @ OpenSIPS 2021Lorenzo Miniero
 
Scaling WebRTC applications with Janus
Scaling WebRTC applications with JanusScaling WebRTC applications with Janus
Scaling WebRTC applications with JanusLorenzo Miniero
 
Scaling WebRTC deployments with multicast @ IETF 110 MBONED
Scaling WebRTC deployments with multicast @ IETF 110 MBONEDScaling WebRTC deployments with multicast @ IETF 110 MBONED
Scaling WebRTC deployments with multicast @ IETF 110 MBONEDLorenzo Miniero
 
Can SFUs and MCUs be friends @ IIT-RTC 2020
Can SFUs and MCUs be friends @ IIT-RTC 2020Can SFUs and MCUs be friends @ IIT-RTC 2020
Can SFUs and MCUs be friends @ IIT-RTC 2020Lorenzo Miniero
 
Janus Workshop @ ClueCon 2020
Janus Workshop @ ClueCon 2020Janus Workshop @ ClueCon 2020
Janus Workshop @ ClueCon 2020Lorenzo Miniero
 
Fuzzing RTC @ Kamailio World 2019
Fuzzing RTC @ Kamailio World 2019Fuzzing RTC @ Kamailio World 2019
Fuzzing RTC @ Kamailio World 2019Lorenzo Miniero
 

Empfohlen

Janus + Audio @ Open Source World
Janus + Audio @ Open Source WorldJanus + Audio @ Open Source World
Janus + Audio @ Open Source WorldLorenzo Miniero
 
Simulcast/SVC @ IIT-RTC 2019
Simulcast/SVC @ IIT-RTC 2019Simulcast/SVC @ IIT-RTC 2019
Simulcast/SVC @ IIT-RTC 2019Lorenzo Miniero
 
Write a SocialTV app @ OpenSIPS 2021
Write a SocialTV app @ OpenSIPS 2021Write a SocialTV app @ OpenSIPS 2021
Write a SocialTV app @ OpenSIPS 2021Lorenzo Miniero
 
Scaling WebRTC applications with Janus
Scaling WebRTC applications with JanusScaling WebRTC applications with Janus
Scaling WebRTC applications with JanusLorenzo Miniero
 
Scaling WebRTC deployments with multicast @ IETF 110 MBONED
Scaling WebRTC deployments with multicast @ IETF 110 MBONEDScaling WebRTC deployments with multicast @ IETF 110 MBONED
Scaling WebRTC deployments with multicast @ IETF 110 MBONEDLorenzo Miniero
 
Can SFUs and MCUs be friends @ IIT-RTC 2020
Can SFUs and MCUs be friends @ IIT-RTC 2020Can SFUs and MCUs be friends @ IIT-RTC 2020
Can SFUs and MCUs be friends @ IIT-RTC 2020Lorenzo Miniero
 
Janus Workshop @ ClueCon 2020
Janus Workshop @ ClueCon 2020Janus Workshop @ ClueCon 2020
Janus Workshop @ ClueCon 2020Lorenzo Miniero
 
Fuzzing RTC @ Kamailio World 2019
Fuzzing RTC @ Kamailio World 2019Fuzzing RTC @ Kamailio World 2019
Fuzzing RTC @ Kamailio World 2019Lorenzo Miniero
 
Janus Workshop pt.2 @ ClueCon 2021
Janus Workshop pt.2 @ ClueCon 2021Janus Workshop pt.2 @ ClueCon 2021
Janus Workshop pt.2 @ ClueCon 2021Lorenzo Miniero
 
Can WebRTC help musicians? @ FOSDEM 2021
Can WebRTC help musicians? @ FOSDEM 2021Can WebRTC help musicians? @ FOSDEM 2021
Can WebRTC help musicians? @ FOSDEM 2021Lorenzo Miniero
 
Janus @ ClueCon 2019
Janus @ ClueCon 2019Janus @ ClueCon 2019
Janus @ ClueCon 2019Lorenzo Miniero
 
WebRTC security+more @ KamailioWorld 2018
WebRTC security+more @ KamailioWorld 2018WebRTC security+more @ KamailioWorld 2018
WebRTC security+more @ KamailioWorld 2018Lorenzo Miniero
 
WebRTC, RED and Janus @ ClueCon21
WebRTC, RED and Janus @ ClueCon21WebRTC, RED and Janus @ ClueCon21
WebRTC, RED and Janus @ ClueCon21Lorenzo Miniero
 
FOSDEM2018 Janus Lua plugin presentation
FOSDEM2018 Janus Lua plugin presentationFOSDEM2018 Janus Lua plugin presentation
FOSDEM2018 Janus Lua plugin presentationLorenzo Miniero
 
Janus @ WebRTC Meetup Stockholm
Janus @ WebRTC Meetup StockholmJanus @ WebRTC Meetup Stockholm
Janus @ WebRTC Meetup StockholmLorenzo Miniero
 
Fuzzing Janus @ IPTComm 2019
Fuzzing Janus @ IPTComm 2019Fuzzing Janus @ IPTComm 2019
Fuzzing Janus @ IPTComm 2019Lorenzo Miniero
 
Janus/SIP @ OpenSIPS 2019
Janus/SIP @ OpenSIPS 2019Janus/SIP @ OpenSIPS 2019
Janus/SIP @ OpenSIPS 2019Lorenzo Miniero
 
Janus/SIP @ OpenSIPS 2017
Janus/SIP @ OpenSIPS 2017Janus/SIP @ OpenSIPS 2017
Janus/SIP @ OpenSIPS 2017Lorenzo Miniero
 
WHIP and Janus @ IIT-RTC 2021
WHIP and Janus @ IIT-RTC 2021WHIP and Janus @ IIT-RTC 2021
WHIP and Janus @ IIT-RTC 2021Lorenzo Miniero
 
Janus @ RTC2017 Beijing
Janus @ RTC2017 BeijingJanus @ RTC2017 Beijing
Janus @ RTC2017 BeijingLorenzo Miniero
 
IETF remote participation via Meetecho @ WebRTC Meetup Stockholm
IETF remote participation via Meetecho @ WebRTC Meetup StockholmIETF remote participation via Meetecho @ WebRTC Meetup Stockholm
IETF remote participation via Meetecho @ WebRTC Meetup StockholmLorenzo Miniero
 
WebRTC Rockstars Asian Tour 2017
WebRTC Rockstars Asian Tour 2017WebRTC Rockstars Asian Tour 2017
WebRTC Rockstars Asian Tour 2017Lorenzo Miniero
 
Janus + NDI @ ClueCon 2021
Janus + NDI @ ClueCon 2021Janus + NDI @ ClueCon 2021
Janus + NDI @ ClueCon 2021Lorenzo Miniero
 
Turning live events to virtual with Janus
Turning live events to virtual with JanusTurning live events to virtual with Janus
Turning live events to virtual with JanusLorenzo Miniero
 
Virtual IETF meetings with WebRTC @ IETF 109 MOPS
Virtual IETF meetings with WebRTC @ IETF 109 MOPSVirtual IETF meetings with WebRTC @ IETF 109 MOPS
Virtual IETF meetings with WebRTC @ IETF 109 MOPSLorenzo Miniero
 
Janus/Asterisk @ Astricon 2017
Janus/Asterisk @ Astricon 2017Janus/Asterisk @ Astricon 2017
Janus/Asterisk @ Astricon 2017Lorenzo Miniero
 
JamRTC @ Wonder WebRTC unConference
JamRTC @ Wonder WebRTC unConferenceJamRTC @ Wonder WebRTC unConference
JamRTC @ Wonder WebRTC unConferenceLorenzo Miniero
 
SIP/WebRTC load testing @ KamailioWorld 2017
SIP/WebRTC load testing @ KamailioWorld 2017SIP/WebRTC load testing @ KamailioWorld 2017
SIP/WebRTC load testing @ KamailioWorld 2017Lorenzo Miniero
 
WebRTC Broadcasting @ TADSummit 2023
WebRTC Broadcasting @ TADSummit 2023WebRTC Broadcasting @ TADSummit 2023
WebRTC Broadcasting @ TADSummit 2023Lorenzo Miniero
 
WHIP WebRTC Broadcasting @ FOSDEM 2022
WHIP WebRTC Broadcasting @ FOSDEM 2022WHIP WebRTC Broadcasting @ FOSDEM 2022
WHIP WebRTC Broadcasting @ FOSDEM 2022Lorenzo Miniero
 

Weitere ähnliche Inhalte

Was ist angesagt?

Janus Workshop pt.2 @ ClueCon 2021
Janus Workshop pt.2 @ ClueCon 2021Janus Workshop pt.2 @ ClueCon 2021
Janus Workshop pt.2 @ ClueCon 2021Lorenzo Miniero
 
Can WebRTC help musicians? @ FOSDEM 2021
Can WebRTC help musicians? @ FOSDEM 2021Can WebRTC help musicians? @ FOSDEM 2021
Can WebRTC help musicians? @ FOSDEM 2021Lorenzo Miniero
 
WebRTC security+more @ KamailioWorld 2018
WebRTC security+more @ KamailioWorld 2018WebRTC security+more @ KamailioWorld 2018
WebRTC security+more @ KamailioWorld 2018Lorenzo Miniero
 
WebRTC, RED and Janus @ ClueCon21
WebRTC, RED and Janus @ ClueCon21WebRTC, RED and Janus @ ClueCon21
WebRTC, RED and Janus @ ClueCon21Lorenzo Miniero
 
FOSDEM2018 Janus Lua plugin presentation
FOSDEM2018 Janus Lua plugin presentationFOSDEM2018 Janus Lua plugin presentation
FOSDEM2018 Janus Lua plugin presentationLorenzo Miniero
 
Janus @ WebRTC Meetup Stockholm
Janus @ WebRTC Meetup StockholmJanus @ WebRTC Meetup Stockholm
Janus @ WebRTC Meetup StockholmLorenzo Miniero
 
Fuzzing Janus @ IPTComm 2019
Fuzzing Janus @ IPTComm 2019Fuzzing Janus @ IPTComm 2019
Fuzzing Janus @ IPTComm 2019Lorenzo Miniero
 
Janus/SIP @ OpenSIPS 2019
Janus/SIP @ OpenSIPS 2019Janus/SIP @ OpenSIPS 2019
Janus/SIP @ OpenSIPS 2019Lorenzo Miniero
 
Janus/SIP @ OpenSIPS 2017
Janus/SIP @ OpenSIPS 2017Janus/SIP @ OpenSIPS 2017
Janus/SIP @ OpenSIPS 2017Lorenzo Miniero
 
WHIP and Janus @ IIT-RTC 2021
WHIP and Janus @ IIT-RTC 2021WHIP and Janus @ IIT-RTC 2021
WHIP and Janus @ IIT-RTC 2021Lorenzo Miniero
 
IETF remote participation via Meetecho @ WebRTC Meetup Stockholm
IETF remote participation via Meetecho @ WebRTC Meetup StockholmIETF remote participation via Meetecho @ WebRTC Meetup Stockholm
IETF remote participation via Meetecho @ WebRTC Meetup StockholmLorenzo Miniero
 
WebRTC Rockstars Asian Tour 2017
WebRTC Rockstars Asian Tour 2017WebRTC Rockstars Asian Tour 2017
WebRTC Rockstars Asian Tour 2017Lorenzo Miniero
 
Janus + NDI @ ClueCon 2021
Janus + NDI @ ClueCon 2021Janus + NDI @ ClueCon 2021
Janus + NDI @ ClueCon 2021Lorenzo Miniero
 
Turning live events to virtual with Janus
Turning live events to virtual with JanusTurning live events to virtual with Janus
Turning live events to virtual with JanusLorenzo Miniero
 
Virtual IETF meetings with WebRTC @ IETF 109 MOPS
Virtual IETF meetings with WebRTC @ IETF 109 MOPSVirtual IETF meetings with WebRTC @ IETF 109 MOPS
Virtual IETF meetings with WebRTC @ IETF 109 MOPSLorenzo Miniero
 
Janus/Asterisk @ Astricon 2017
Janus/Asterisk @ Astricon 2017Janus/Asterisk @ Astricon 2017
Janus/Asterisk @ Astricon 2017Lorenzo Miniero
 
JamRTC @ Wonder WebRTC unConference
JamRTC @ Wonder WebRTC unConferenceJamRTC @ Wonder WebRTC unConference
JamRTC @ Wonder WebRTC unConferenceLorenzo Miniero
 
SIP/WebRTC load testing @ KamailioWorld 2017
SIP/WebRTC load testing @ KamailioWorld 2017SIP/WebRTC load testing @ KamailioWorld 2017
SIP/WebRTC load testing @ KamailioWorld 2017Lorenzo Miniero
 

Was ist angesagt? (20)

Janus Workshop pt.2 @ ClueCon 2021
Janus Workshop pt.2 @ ClueCon 2021Janus Workshop pt.2 @ ClueCon 2021
Janus Workshop pt.2 @ ClueCon 2021
 
Can WebRTC help musicians? @ FOSDEM 2021
Can WebRTC help musicians? @ FOSDEM 2021Can WebRTC help musicians? @ FOSDEM 2021
Can WebRTC help musicians? @ FOSDEM 2021
 
Janus @ ClueCon 2019
Janus @ ClueCon 2019Janus @ ClueCon 2019
Janus @ ClueCon 2019
 
WebRTC security+more @ KamailioWorld 2018
WebRTC security+more @ KamailioWorld 2018WebRTC security+more @ KamailioWorld 2018
WebRTC security+more @ KamailioWorld 2018
 
WebRTC, RED and Janus @ ClueCon21
WebRTC, RED and Janus @ ClueCon21WebRTC, RED and Janus @ ClueCon21
WebRTC, RED and Janus @ ClueCon21
 
FOSDEM2018 Janus Lua plugin presentation
FOSDEM2018 Janus Lua plugin presentationFOSDEM2018 Janus Lua plugin presentation
FOSDEM2018 Janus Lua plugin presentation
 
Janus @ WebRTC Meetup Stockholm
Janus @ WebRTC Meetup StockholmJanus @ WebRTC Meetup Stockholm
Janus @ WebRTC Meetup Stockholm
 
Fuzzing Janus @ IPTComm 2019
Fuzzing Janus @ IPTComm 2019Fuzzing Janus @ IPTComm 2019
Fuzzing Janus @ IPTComm 2019
 
Janus/SIP @ OpenSIPS 2019
Janus/SIP @ OpenSIPS 2019Janus/SIP @ OpenSIPS 2019
Janus/SIP @ OpenSIPS 2019
 
Janus/SIP @ OpenSIPS 2017
Janus/SIP @ OpenSIPS 2017Janus/SIP @ OpenSIPS 2017
Janus/SIP @ OpenSIPS 2017
 
WHIP and Janus @ IIT-RTC 2021
WHIP and Janus @ IIT-RTC 2021WHIP and Janus @ IIT-RTC 2021
WHIP and Janus @ IIT-RTC 2021
 
Janus @ RTC2017 Beijing
Janus @ RTC2017 BeijingJanus @ RTC2017 Beijing
Janus @ RTC2017 Beijing
 
IETF remote participation via Meetecho @ WebRTC Meetup Stockholm
IETF remote participation via Meetecho @ WebRTC Meetup StockholmIETF remote participation via Meetecho @ WebRTC Meetup Stockholm
IETF remote participation via Meetecho @ WebRTC Meetup Stockholm
 
WebRTC Rockstars Asian Tour 2017
WebRTC Rockstars Asian Tour 2017WebRTC Rockstars Asian Tour 2017
WebRTC Rockstars Asian Tour 2017
 
Janus + NDI @ ClueCon 2021
Janus + NDI @ ClueCon 2021Janus + NDI @ ClueCon 2021
Janus + NDI @ ClueCon 2021
 
Turning live events to virtual with Janus
Turning live events to virtual with JanusTurning live events to virtual with Janus
Turning live events to virtual with Janus
 
Virtual IETF meetings with WebRTC @ IETF 109 MOPS
Virtual IETF meetings with WebRTC @ IETF 109 MOPSVirtual IETF meetings with WebRTC @ IETF 109 MOPS
Virtual IETF meetings with WebRTC @ IETF 109 MOPS
 
Janus/Asterisk @ Astricon 2017
Janus/Asterisk @ Astricon 2017Janus/Asterisk @ Astricon 2017
Janus/Asterisk @ Astricon 2017
 
JamRTC @ Wonder WebRTC unConference
JamRTC @ Wonder WebRTC unConferenceJamRTC @ Wonder WebRTC unConference
JamRTC @ Wonder WebRTC unConference
 
SIP/WebRTC load testing @ KamailioWorld 2017
SIP/WebRTC load testing @ KamailioWorld 2017SIP/WebRTC load testing @ KamailioWorld 2017
SIP/WebRTC load testing @ KamailioWorld 2017
 

Ähnlich wie Insertable Streams and E2EE @ ClueCon2020

WebRTC Broadcasting @ TADSummit 2023
WebRTC Broadcasting @ TADSummit 2023WebRTC Broadcasting @ TADSummit 2023
WebRTC Broadcasting @ TADSummit 2023Lorenzo Miniero
 
WHIP WebRTC Broadcasting @ FOSDEM 2022
WHIP WebRTC Broadcasting @ FOSDEM 2022WHIP WebRTC Broadcasting @ FOSDEM 2022
WHIP WebRTC Broadcasting @ FOSDEM 2022Lorenzo Miniero
 
Janus RTP forwarders @ FOSDEM 2020
Janus RTP forwarders @ FOSDEM 2020Janus RTP forwarders @ FOSDEM 2020
Janus RTP forwarders @ FOSDEM 2020Lorenzo Miniero
 
Upperside Webinar - WebRTC Standards Update
Upperside Webinar - WebRTC Standards UpdateUpperside Webinar - WebRTC Standards Update
Upperside Webinar - WebRTC Standards UpdateUppersideConferences
 
FOSDEM 2020: How can we make WebRTC Easier?
FOSDEM 2020: How can we make WebRTC Easier?FOSDEM 2020: How can we make WebRTC Easier?
FOSDEM 2020: How can we make WebRTC Easier?SeanDuBois3
 
A Progressive Approach to the Past: Ensuring Backwards Compatability Through ...
A Progressive Approach to the Past: Ensuring Backwards Compatability Through ...A Progressive Approach to the Past: Ensuring Backwards Compatability Through ...
A Progressive Approach to the Past: Ensuring Backwards Compatability Through ...Derek Buitenhuis
 
LCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solutionLCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solutionLinaro
 
WebRTC standards update - November 2014
WebRTC standards update - November 2014WebRTC standards update - November 2014
WebRTC standards update - November 2014Victor Pascual Ávila
 
HIS 2017 Roderick chapman- Secure Updates for Embedded Systems
HIS 2017 Roderick chapman- Secure Updates for Embedded SystemsHIS 2017 Roderick chapman- Secure Updates for Embedded Systems
HIS 2017 Roderick chapman- Secure Updates for Embedded Systemsjamieayre
 
Privacy Enhanced RTP Conferencing with WebRTC - PERC
Privacy Enhanced RTP Conferencing with WebRTC - PERCPrivacy Enhanced RTP Conferencing with WebRTC - PERC
Privacy Enhanced RTP Conferencing with WebRTC - PERCArnaud BUDKIEWICZ
 
Bridging_WebRTC_with_SIP_Alberto_WebRTCventures_Cluecon2023_NoVideo.pptx
Bridging_WebRTC_with_SIP_Alberto_WebRTCventures_Cluecon2023_NoVideo.pptxBridging_WebRTC_with_SIP_Alberto_WebRTCventures_Cluecon2023_NoVideo.pptx
Bridging_WebRTC_with_SIP_Alberto_WebRTCventures_Cluecon2023_NoVideo.pptxAlberto González Trastoy
 
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...Amir Zmora
 
WebRTC Standards & Implementation Q&A - IP address privacy revisited
WebRTC Standards & Implementation Q&A - IP address privacy revisitedWebRTC Standards & Implementation Q&A - IP address privacy revisited
WebRTC Standards & Implementation Q&A - IP address privacy revisitedAmir Zmora
 
Moving to software-based production workflows and containerisation of media a...
Moving to software-based production workflows and containerisation of media a...Moving to software-based production workflows and containerisation of media a...
Moving to software-based production workflows and containerisation of media a...Kieran Kunhya
 
Toward low-latency Java applications - javaOne 2014
Toward low-latency Java applications - javaOne 2014Toward low-latency Java applications - javaOne 2014
Toward low-latency Java applications - javaOne 2014John Davies
 
Janus: an open source and general purpose WebRTC (gateway) server
Janus: an open source and general purpose WebRTC (gateway) serverJanus: an open source and general purpose WebRTC (gateway) server
Janus: an open source and general purpose WebRTC (gateway) serverDevDay
 
Upperside Webinar- WebRTC from the service provider prism-final
Upperside Webinar- WebRTC from the service provider prism-finalUpperside Webinar- WebRTC from the service provider prism-final
Upperside Webinar- WebRTC from the service provider prism-finalAmir Zmora
 

Ähnlich wie Insertable Streams and E2EE @ ClueCon2020 (20)

WebRTC Broadcasting @ TADSummit 2023
WebRTC Broadcasting @ TADSummit 2023WebRTC Broadcasting @ TADSummit 2023
WebRTC Broadcasting @ TADSummit 2023
 
WHIP WebRTC Broadcasting @ FOSDEM 2022
WHIP WebRTC Broadcasting @ FOSDEM 2022WHIP WebRTC Broadcasting @ FOSDEM 2022
WHIP WebRTC Broadcasting @ FOSDEM 2022
 
Janus RTP forwarders @ FOSDEM 2020
Janus RTP forwarders @ FOSDEM 2020Janus RTP forwarders @ FOSDEM 2020
Janus RTP forwarders @ FOSDEM 2020
 
Upperside Webinar - WebRTC Standards Update
Upperside Webinar - WebRTC Standards UpdateUpperside Webinar - WebRTC Standards Update
Upperside Webinar - WebRTC Standards Update
 
BWE in Janus
BWE in JanusBWE in Janus
BWE in Janus
 
FOSDEM 2020: How can we make WebRTC Easier?
FOSDEM 2020: How can we make WebRTC Easier?FOSDEM 2020: How can we make WebRTC Easier?
FOSDEM 2020: How can we make WebRTC Easier?
 
A Progressive Approach to the Past: Ensuring Backwards Compatability Through ...
A Progressive Approach to the Past: Ensuring Backwards Compatability Through ...A Progressive Approach to the Past: Ensuring Backwards Compatability Through ...
A Progressive Approach to the Past: Ensuring Backwards Compatability Through ...
 
LCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solutionLCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solution
 
WebRTC standards update - November 2014
WebRTC standards update - November 2014WebRTC standards update - November 2014
WebRTC standards update - November 2014
 
HIS 2017 Roderick chapman- Secure Updates for Embedded Systems
HIS 2017 Roderick chapman- Secure Updates for Embedded SystemsHIS 2017 Roderick chapman- Secure Updates for Embedded Systems
HIS 2017 Roderick chapman- Secure Updates for Embedded Systems
 
Privacy Enhanced RTP Conferencing with WebRTC - PERC
Privacy Enhanced RTP Conferencing with WebRTC - PERCPrivacy Enhanced RTP Conferencing with WebRTC - PERC
Privacy Enhanced RTP Conferencing with WebRTC - PERC
 
Bridging_WebRTC_with_SIP_Alberto_WebRTCventures_Cluecon2023_NoVideo.pptx
Bridging_WebRTC_with_SIP_Alberto_WebRTCventures_Cluecon2023_NoVideo.pptxBridging_WebRTC_with_SIP_Alberto_WebRTCventures_Cluecon2023_NoVideo.pptx
Bridging_WebRTC_with_SIP_Alberto_WebRTCventures_Cluecon2023_NoVideo.pptx
 
Torino js
Torino jsTorino js
Torino js
 
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
 
WebRTC Standards & Implementation Q&A - IP address privacy revisited
WebRTC Standards & Implementation Q&A - IP address privacy revisitedWebRTC Standards & Implementation Q&A - IP address privacy revisited
WebRTC Standards & Implementation Q&A - IP address privacy revisited
 
Moving to software-based production workflows and containerisation of media a...
Moving to software-based production workflows and containerisation of media a...Moving to software-based production workflows and containerisation of media a...
Moving to software-based production workflows and containerisation of media a...
 
Toward low-latency Java applications - javaOne 2014
Toward low-latency Java applications - javaOne 2014Toward low-latency Java applications - javaOne 2014
Toward low-latency Java applications - javaOne 2014
 
Janus @ DevDay Napoli
Janus @ DevDay NapoliJanus @ DevDay Napoli
Janus @ DevDay Napoli
 
Janus: an open source and general purpose WebRTC (gateway) server
Janus: an open source and general purpose WebRTC (gateway) serverJanus: an open source and general purpose WebRTC (gateway) server
Janus: an open source and general purpose WebRTC (gateway) server
 
Upperside Webinar- WebRTC from the service provider prism-final
Upperside Webinar- WebRTC from the service provider prism-finalUpperside Webinar- WebRTC from the service provider prism-final
Upperside Webinar- WebRTC from the service provider prism-final
 

Mehr von Lorenzo Miniero

SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Getting AV1/SVC to work in the Janus WebRTC Server
Getting AV1/SVC to work in the Janus WebRTC ServerGetting AV1/SVC to work in the Janus WebRTC Server
Getting AV1/SVC to work in the Janus WebRTC ServerLorenzo Miniero
 
The challenges of hybrid meetings @ CommCon 2023
The challenges of hybrid meetings @ CommCon 2023The challenges of hybrid meetings @ CommCon 2023
The challenges of hybrid meetings @ CommCon 2023Lorenzo Miniero
 
Real-Time Text and WebRTC @ Kamailio World 2023
Real-Time Text and WebRTC @ Kamailio World 2023Real-Time Text and WebRTC @ Kamailio World 2023
Real-Time Text and WebRTC @ Kamailio World 2023Lorenzo Miniero
 
Become a rockstar using FOSS!
Become a rockstar using FOSS!Become a rockstar using FOSS!
Become a rockstar using FOSS!Lorenzo Miniero
 
Janus SFU cascading @ IIT-RTC 2022
Janus SFU cascading @ IIT-RTC 2022Janus SFU cascading @ IIT-RTC 2022
Janus SFU cascading @ IIT-RTC 2022Lorenzo Miniero
 
SIP transfer with Janus/WebRTC @ OpenSIPS 2022
SIP transfer with Janus/WebRTC @ OpenSIPS 2022SIP transfer with Janus/WebRTC @ OpenSIPS 2022
SIP transfer with Janus/WebRTC @ OpenSIPS 2022Lorenzo Miniero
 
Janus workshop @ RTC2019 Beijing
Janus workshop @ RTC2019 BeijingJanus workshop @ RTC2019 Beijing
Janus workshop @ RTC2019 BeijingLorenzo Miniero
 
Welcome to JanusCon! -- Past, Present and Future of Janus
Welcome to JanusCon! -- Past, Present and Future of JanusWelcome to JanusCon! -- Past, Present and Future of Janus
Welcome to JanusCon! -- Past, Present and Future of JanusLorenzo Miniero
 
Multistream in Janus @ CommCon 2019
Multistream in Janus @ CommCon 2019Multistream in Janus @ CommCon 2019
Multistream in Janus @ CommCon 2019Lorenzo Miniero
 

Mehr von Lorenzo Miniero (10)

SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Getting AV1/SVC to work in the Janus WebRTC Server
Getting AV1/SVC to work in the Janus WebRTC ServerGetting AV1/SVC to work in the Janus WebRTC Server
Getting AV1/SVC to work in the Janus WebRTC Server
 
The challenges of hybrid meetings @ CommCon 2023
The challenges of hybrid meetings @ CommCon 2023The challenges of hybrid meetings @ CommCon 2023
The challenges of hybrid meetings @ CommCon 2023
 
Real-Time Text and WebRTC @ Kamailio World 2023
Real-Time Text and WebRTC @ Kamailio World 2023Real-Time Text and WebRTC @ Kamailio World 2023
Real-Time Text and WebRTC @ Kamailio World 2023
 
Become a rockstar using FOSS!
Become a rockstar using FOSS!Become a rockstar using FOSS!
Become a rockstar using FOSS!
 
Janus SFU cascading @ IIT-RTC 2022
Janus SFU cascading @ IIT-RTC 2022Janus SFU cascading @ IIT-RTC 2022
Janus SFU cascading @ IIT-RTC 2022
 
SIP transfer with Janus/WebRTC @ OpenSIPS 2022
SIP transfer with Janus/WebRTC @ OpenSIPS 2022SIP transfer with Janus/WebRTC @ OpenSIPS 2022
SIP transfer with Janus/WebRTC @ OpenSIPS 2022
 
Janus workshop @ RTC2019 Beijing
Janus workshop @ RTC2019 BeijingJanus workshop @ RTC2019 Beijing
Janus workshop @ RTC2019 Beijing
 
Welcome to JanusCon! -- Past, Present and Future of Janus
Welcome to JanusCon! -- Past, Present and Future of JanusWelcome to JanusCon! -- Past, Present and Future of Janus
Welcome to JanusCon! -- Past, Present and Future of Janus
 
Multistream in Janus @ CommCon 2019
Multistream in Janus @ CommCon 2019Multistream in Janus @ CommCon 2019
Multistream in Janus @ CommCon 2019
 

Kürzlich hochgeladen

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 

Kürzlich hochgeladen (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Insertable Streams and E2EE @ ClueCon2020

  • 1. Insertable Streams and E2EE in WebRTC: a Janus story Lorenzo Miniero ClueCon – Chicago, IL, USA (kinda!) August 5th 2020
  • 2. Who am I? Lorenzo Miniero • Ph.D @ UniNA • Chairman @ Meetecho • Main author of Janus® Contacts and info • lorenzo@meetecho.com • https://twitter.com/elminiero • https://www.slideshare.net/LorenzoMiniero • https://soundcloud.com/lminiero
  • 3. Just a few words on Meetecho • Co-founded in 2009 as an academic spin-off • University research efforts brought to the market • Completely independent from the University • Focus on real-time multimedia applications • Strong perspective on standardization and open source • Several activities • Consulting services • Commercial support and Janus licenses • Streaming of live events (IETF, ACM, etc.) • Proudly brewed in sunny Napoli, Italy
  • 7. Involving a server as a peer
  • 8. Involving a server as a peer
  • 10. Many reasons why that may be needed • Server being a “MITM” is often a feature, actually • It may need to transcode media • An MCU even more so! (e.g., FreeSwitch) • Recordings typically need access to unencrypted media too • Even when just relaying, access to payload may be sometimes required • e.g., Simulcast or SVC • Codec-specific info (e.g., temporal layer) may be in the payload • RTP headers would still need to be editable Can you get true E2EE even through a server? • Short answer: YES! • Slightly longer answer: it’s not that easy, though...
  • 11. Many reasons why that may be needed • Server being a “MITM” is often a feature, actually • It may need to transcode media • An MCU even more so! (e.g., FreeSwitch) • Recordings typically need access to unencrypted media too • Even when just relaying, access to payload may be sometimes required • e.g., Simulcast or SVC • Codec-specific info (e.g., temporal layer) may be in the payload • RTP headers would still need to be editable Can you get true E2EE even through a server? • Short answer: YES! • Slightly longer answer: it’s not that easy, though...
  • 12. Many reasons why that may be needed • Server being a “MITM” is often a feature, actually • It may need to transcode media • An MCU even more so! (e.g., FreeSwitch) • Recordings typically need access to unencrypted media too • Even when just relaying, access to payload may be sometimes required • e.g., Simulcast or SVC • Codec-specific info (e.g., temporal layer) may be in the payload • RTP headers would still need to be editable Can you get true E2EE even through a server? • Short answer: YES! • Slightly longer answer: it’s not that easy, though...
  • 13. Many reasons why that may be needed • Server being a “MITM” is often a feature, actually • It may need to transcode media • An MCU even more so! (e.g., FreeSwitch) • Recordings typically need access to unencrypted media too • Even when just relaying, access to payload may be sometimes required • e.g., Simulcast or SVC • Codec-specific info (e.g., temporal layer) may be in the payload • RTP headers would still need to be editable Can you get true E2EE even through a server? • Short answer: YES! • Slightly longer answer: it’s not that easy, though...
  • 14. An excellent talk on the challenges of E2EE! https://www.youtube.com/watch?v=a0vhHmONWlw
  • 15. Privacy Enhanced RTP Conferencing (PERC) https://datatracker.ietf.org/wg/perc/about/
  • 16. Not very popular among WebRTC developers, though... https://mailarchive.ietf.org/arch/msg/perc/x1HjohPL6ISuoNj7eE6HEre7O1E/
  • 17. A simpler approach: PERC “Lite”
  • 18. PERC Lite and Janus https://www.meetecho.com/blog/meetecho-and-cosmo-strike-again-perc-lite-integration-in-janus/
  • 19. PERC Lite and Janus https://www.meetecho.com/blog/meetecho-and-cosmo-strike-again-perc-lite-integration-in-janus/
  • 22. Enter Insertable Streams! • New browser API that allows custom processing on WebRTC frames • Key use case −→ E2EE! • Works with encoded frames, not individual packets • [OUT] audio/video frames after they’ve been encoded, but before RTP packetization • [IN] audio/video frames before they’ve been decoded, but after RTP de-packetization • Working with frames makes it protocol agnostic • Today it’s RTP, tomorrow it might be QUIC Some useful reads • https://www.meetecho.com/blog/janus-e2ee-sframe/ • https://webrtcbydralex.com/index.php/2020/03/30/ • https://webrtchacks.com/true-end-to-end-encryption-with-webrtc-insertable-streams/
  • 23. Enter Insertable Streams! • New browser API that allows custom processing on WebRTC frames • Key use case −→ E2EE! • Works with encoded frames, not individual packets • [OUT] audio/video frames after they’ve been encoded, but before RTP packetization • [IN] audio/video frames before they’ve been decoded, but after RTP de-packetization • Working with frames makes it protocol agnostic • Today it’s RTP, tomorrow it might be QUIC Some useful reads • https://www.meetecho.com/blog/janus-e2ee-sframe/ • https://webrtcbydralex.com/index.php/2020/03/30/ • https://webrtchacks.com/true-end-to-end-encryption-with-webrtc-insertable-streams/
  • 24. Enter Insertable Streams! • New browser API that allows custom processing on WebRTC frames • Key use case −→ E2EE! • Works with encoded frames, not individual packets • [OUT] audio/video frames after they’ve been encoded, but before RTP packetization • [IN] audio/video frames before they’ve been decoded, but after RTP de-packetization • Working with frames makes it protocol agnostic • Today it’s RTP, tomorrow it might be QUIC Some useful reads • https://www.meetecho.com/blog/janus-e2ee-sframe/ • https://webrtcbydralex.com/index.php/2020/03/30/ • https://webrtchacks.com/true-end-to-end-encryption-with-webrtc-insertable-streams/
  • 25. Enter Insertable Streams! • New browser API that allows custom processing on WebRTC frames • Key use case −→ E2EE! • Works with encoded frames, not individual packets • [OUT] audio/video frames after they’ve been encoded, but before RTP packetization • [IN] audio/video frames before they’ve been decoded, but after RTP de-packetization • Working with frames makes it protocol agnostic • Today it’s RTP, tomorrow it might be QUIC Some useful reads • https://www.meetecho.com/blog/janus-e2ee-sframe/ • https://webrtcbydralex.com/index.php/2020/03/30/ • https://webrtchacks.com/true-end-to-end-encryption-with-webrtc-insertable-streams/
  • 28. A few challenges with this approach • Encrypted payload may make life harder for SFUs • Useful info usually available in the payload • e.g., how to detect if we got a keyframe? • A few different solutions to this • Keep the first bytes unencrypted? (where that info is) • Ad-hoc RTP extensions for metadata (spec on its way!) • Encrypting the payload may confuse the RTP (de)packetizer • Each video codec has different rules • e.g., H.264 uses NALs, which wouldn’t be visible anymore • Solution more tricky to find, here • Keep info used for splitting unencrypted? (codec specific) • Even better, use a global RTP packetization for all codecs (spec coming!)
  • 29. A few challenges with this approach • Encrypted payload may make life harder for SFUs • Useful info usually available in the payload • e.g., how to detect if we got a keyframe? • A few different solutions to this • Keep the first bytes unencrypted? (where that info is) • Ad-hoc RTP extensions for metadata (spec on its way!) • Encrypting the payload may confuse the RTP (de)packetizer • Each video codec has different rules • e.g., H.264 uses NALs, which wouldn’t be visible anymore • Solution more tricky to find, here • Keep info used for splitting unencrypted? (codec specific) • Even better, use a global RTP packetization for all codecs (spec coming!)
  • 30. A few challenges with this approach • Encrypted payload may make life harder for SFUs • Useful info usually available in the payload • e.g., how to detect if we got a keyframe? • A few different solutions to this • Keep the first bytes unencrypted? (where that info is) • Ad-hoc RTP extensions for metadata (spec on its way!) • Encrypting the payload may confuse the RTP (de)packetizer • Each video codec has different rules • e.g., H.264 uses NALs, which wouldn’t be visible anymore • Solution more tricky to find, here • Keep info used for splitting unencrypted? (codec specific) • Even better, use a global RTP packetization for all codecs (spec coming!)
  • 31. A few challenges with this approach • Encrypted payload may make life harder for SFUs • Useful info usually available in the payload • e.g., how to detect if we got a keyframe? • A few different solutions to this • Keep the first bytes unencrypted? (where that info is) • Ad-hoc RTP extensions for metadata (spec on its way!) • Encrypting the payload may confuse the RTP (de)packetizer • Each video codec has different rules • e.g., H.264 uses NALs, which wouldn’t be visible anymore • Solution more tricky to find, here • Keep info used for splitting unencrypted? (codec specific) • Even better, use a global RTP packetization for all codecs (spec coming!)
  • 32. Enabling Insertable Streams pc = new RTCPeerConnection({ encodedInsertableStreams: true, forceEncodedAudioInsertableStreams: true, forceEncodedVideoInsertableStreams: true });
  • 33. Adding a Sender Trasform senderTransform = new TransformStream({ start() { // Called on startup. }, transform(chunk, controller) { // Frame encoded, edit payload and return it [..] controller.enqueue(chunk); }, flush() { // Called when the stream is about to be closed } }); sender = pc.addTrack(track, stream) senderStreams = sender.createEncodedVideoStreams(); senderStreams.readableStream .pipeThrough(senderTransform) .pipeTo(senderStreams.writableStream);
  • 34. Adding a Receiver Trasform as well receiverTransform = new TransformStream({ start() { // Called on startup. }, transform(chunk, controller) { // Received frame, edit payload and return it [..] controller.enqueue(chunk); }, flush() { // Called when the stream is about to be closed } }); pc.ontrack = function(event) { [..] receiverStreams = event.receiver.createEncodedVideoStreams(); receiverStreams.readableStream .pipeThrough(receiverTransform) .pipeTo(receiverStreams.writableStream); }
  • 35. Integrated in janus.js a few weeks ago echotest.createOffer({ media: { audio: true, video: true }, senderTransforms: { audio: new TransformStream({ .. }), video: new TransformStream({ .. }) }, receiverTransforms: { audio: new TransformStream({ .. }), video: new TransformStream({ .. }) }, [..] success: function(jsep) { // Send offer to Janus } }); https://github.com/meetecho/janus-gateway/pull/2074
  • 36. Testing basic E2EE in the Janus demos https://janus.conf.meetecho.com/e2etest
  • 37. Testing basic E2EE in the Janus demos https://janus.conf.meetecho.com/e2etest
  • 38. A step forward: Secure Frames (SFrame) • Co-developed by CoSMo and Google • Used in Google Duo for E2EE for a long time already • https://cosmosoftware.io/secure-frames-sframes/ • https://www.gstatic.com/duo/papers/duo_e2ee.pdf/ • Recently brought to the IETF as well (presented in DISPATCH @ IETF108) • https://tools.ietf.org/html/draft-omara-sframe-00 • https://mailarchive.ietf.org/arch/browse/sframe/ • Learned lessons from previous E2EE attempts • Minimizes overhead and impact on servers and clients • Works of frames, not packets, so transport agnostic • Interaction with KMS done out of band, and KMS agnostic (e.g., Signal or MLS)
  • 39. A step forward: Secure Frames (SFrame) • Co-developed by CoSMo and Google • Used in Google Duo for E2EE for a long time already • https://cosmosoftware.io/secure-frames-sframes/ • https://www.gstatic.com/duo/papers/duo_e2ee.pdf/ • Recently brought to the IETF as well (presented in DISPATCH @ IETF108) • https://tools.ietf.org/html/draft-omara-sframe-00 • https://mailarchive.ietf.org/arch/browse/sframe/ • Learned lessons from previous E2EE attempts • Minimizes overhead and impact on servers and clients • Works of frames, not packets, so transport agnostic • Interaction with KMS done out of band, and KMS agnostic (e.g., Signal or MLS)
  • 40. A step forward: Secure Frames (SFrame) • Co-developed by CoSMo and Google • Used in Google Duo for E2EE for a long time already • https://cosmosoftware.io/secure-frames-sframes/ • https://www.gstatic.com/duo/papers/duo_e2ee.pdf/ • Recently brought to the IETF as well (presented in DISPATCH @ IETF108) • https://tools.ietf.org/html/draft-omara-sframe-00 • https://mailarchive.ietf.org/arch/browse/sframe/ • Learned lessons from previous E2EE attempts • Minimizes overhead and impact on servers and clients • Works of frames, not packets, so transport agnostic • Interaction with KMS done out of band, and KMS agnostic (e.g., Signal or MLS)
  • 41. A step forward: Secure Frames (SFrame)
  • 42. A step forward: Secure Frames (SFrame)
  • 43. SFrame.js: an open source SFrame library • Pure javascript library implementing SFrame using webcrypto • Developed by Sergio Garcia Murillo • https://github.com/medooze/sframe • Described in detail in a blog post and in the CommCon presentation • https://medium.com/@medooze/sframe-js-end-to-end-encryption-for-webrtc- f9a83a997d6d • https://www.youtube.com/watch?v=a0vhHmONWlw • Basically provides everything except the Key Management System (KMS) • Which makes sense, that should be up to you anyway! Helped Sergio testing it while integrating it in janus.js https://www.meetecho.com/blog/janus-e2ee-sframe/
  • 44. SFrame.js: an open source SFrame library • Pure javascript library implementing SFrame using webcrypto • Developed by Sergio Garcia Murillo • https://github.com/medooze/sframe • Described in detail in a blog post and in the CommCon presentation • https://medium.com/@medooze/sframe-js-end-to-end-encryption-for-webrtc- f9a83a997d6d • https://www.youtube.com/watch?v=a0vhHmONWlw • Basically provides everything except the Key Management System (KMS) • Which makes sense, that should be up to you anyway! Helped Sergio testing it while integrating it in janus.js https://www.meetecho.com/blog/janus-e2ee-sframe/
  • 45. SFrame.js: an open source SFrame library • Pure javascript library implementing SFrame using webcrypto • Developed by Sergio Garcia Murillo • https://github.com/medooze/sframe • Described in detail in a blog post and in the CommCon presentation • https://medium.com/@medooze/sframe-js-end-to-end-encryption-for-webrtc- f9a83a997d6d • https://www.youtube.com/watch?v=a0vhHmONWlw • Basically provides everything except the Key Management System (KMS) • Which makes sense, that should be up to you anyway! Helped Sergio testing it while integrating it in janus.js https://www.meetecho.com/blog/janus-e2ee-sframe/
  • 46. SFrame.js: an open source SFrame library • Pure javascript library implementing SFrame using webcrypto • Developed by Sergio Garcia Murillo • https://github.com/medooze/sframe • Described in detail in a blog post and in the CommCon presentation • https://medium.com/@medooze/sframe-js-end-to-end-encryption-for-webrtc- f9a83a997d6d • https://www.youtube.com/watch?v=a0vhHmONWlw • Basically provides everything except the Key Management System (KMS) • Which makes sense, that should be up to you anyway! Helped Sergio testing it while integrating it in janus.js https://www.meetecho.com/blog/janus-e2ee-sframe/
  • 47. Integrating SFrame.js in janus.js import {Janus} from ’./janus.js’; import {SFrame} from ’./sframe/Client.js’; ... echotest.createOffer({ media: { audio: true, video: true }, sframe: { outgoingId: 0, incomingId: 0, sharedKey: cryptoKey, // Generated previously keyPair: keyPair // Generated previously }, [..] success: function(jsep) { // Send offer to Janus } });
  • 48. Integrating SFrame.js in janus.js if(callbacks.sframe) { Janus.log("Using SFrame to encrypt media end-to-end:", callbacks.sframe); config.sframe = callbacks.sframe; config.sframeClient = await SFrame.createClient(config.sframe.outgoingId, {}); // Sender part await config.sframeClient.setSenderEncryptionKey(config.sframe.shared); if(config.sframe.keyPair && config.sframe.keyPair.privateKey) { await config.sframeClient.setSenderSigningKey(config.sframe.keyPair.privateKey); } // Receiver part if(config.sframe.incomingId !== undefined && config.sframe.incomingId !== null) { await config.sframeClient.addReceiver(config.sframe.incomingId); await config.sframeClient.setReceiverEncryptionKey(config.sframe.incomingId, callbacks.sframe.shared); if(config.sframe.keyPair && config.sframe.keyPair.publicKey) { await config.sframeClient.setReceiverVerifyKey(config.sframe.incomingId, config.sframe.keyPair.publicKey); } } }
  • 49. Integrating SFrame.js in janus.js // Have SFrame.js configure the Sender Transform var sender = config.pc.addTrack(track, stream); config.sframeClient.encrypt(sender.track.id, sender); ... // Have SFrame.js configure the Receiver Transform config.pc.ontrack = function(event) { [..] config.sframeClient.decrypt(event.track.id, event.receiver); [..] }
  • 50. Testing SFrame with Janus https://www.meetecho.com/blog/janus-e2ee-sframe/
  • 51. Testing SFrame with Janus https://www.meetecho.com/blog/janus-e2ee-sframe/
  • 52. Thanks! Questions? Comments? Get in touch! • https://twitter.com/elminiero • https://twitter.com/meetecho • https://www.meetecho.com