Secure multimedia communication in smart devices reinforced by using one-time keys

Official URL: http://risc01.sabanciuniv.edu/record=b1655722 (Table of Contents)

Recently, smart devices have become more and more prevalent in the daily life. The spread of these devices introduced various use cases; however, communication has always been their primary functionality. With the development of WebRTC (Web Real- Time Communication) and the availability of this technology on smart devices, applications offering real-time multimedia communication features will become more pervasive. Though WebRTC presents a promising set of standards and interfaces for the task of carrying data from one end to another, there are security issues that are left in the hands of the application developers. In this thesis, we aim to achieve secure multimedia communication by tackling the key generation and distribution issue of WebRTC platform using a smart card for secure storage and operations. We tested different cryptographic algorithms on smart cards, and resultantly we designed a mechanism based on hash chains. This mechanism allowed synchronous generation of keys at both sides. The mechanism was implemented and tested on different brands of Java Cards. The results of the tests indicate that it is possible to produce a key under one-second time. In addition, the results were analyzed to optimize generation times of particular keys by adjusting chain length parameter of the mechanism. Consequently, the key generation method was integrated into Media Security Platform of Netas¸ Telecommunications A.S¸ ., which is based on WebRTC. The integration was performed under the guidance of a signaling scheme drafted for the message traffic for the key agreement. In conclusion, the successful integration and better results indicate an improvement over a previously used public key system.