Generating one-time keys for secure multimedia communication

Official URL: http://dx.doi.org/10.1109/ICCW.2018.8403554

Web real-time communication (WebRTC) open source project is focused on peer-to-peer communication and aims to provide secure communication between nodes through symmetric encryption. For secure communication, there are two main issues: generation of different strong keys for each session and distribution of these keys to the parties. Although some native proposals exist for the generation and distribution of session keys, due to limitations of them, key distribution for WebRTC is an active research area. In this paper, we propose a key distribution mechanism for WebRTC peers based on hash chains. Our mechanism produces keys on different ends synchronously without any initial communication. Our solution provides the outstanding performance of utilizing hash functions over other symmetric and asymmetric cryptographic primitives while providing both forward and backward secrecy of the one-time session keys. On top of theoretical analyses, we also implemented the proposed mechanism on Java-based smart cards integrated to smart phones in order to show its practical feasibility.