Bug 214402 - Support AES GCM ciphers in WebRTC
Summary: Support AES GCM ciphers in WebRTC
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebRTC (show other bugs)
Version: Safari Technology Preview
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: youenn fablet
Keywords: InRadar
Depends on:
Reported: 2020-07-16 03:38 PDT by Ben
Modified: 2021-09-30 09:05 PDT (History)
11 users (show)

See Also:

Patch (4.23 KB, patch)
2021-09-29 00:26 PDT, youenn fablet
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ben 2020-07-16 03:38:38 PDT
AES GCM ciphers in WebRTC gives better security and much better performance because of hardware acceleration and single step for encrypt + mac.
Safari is the only browser missing support.

Chrome 84/Edge

Firefox 64
Comment 1 Radar WebKit Bug Importer 2020-07-16 18:17:21 PDT
Comment 2 Ben 2021-03-30 06:33:25 PDT
Any news on AES GCM support? It has a significant effect on SFUs.
Comment 3 Ben 2021-09-28 12:53:17 PDT
Safari 15.0 still uses SRTP_AES128_CM_HMAC_SHA1_80 without support for SRTP_AEAD_AES_128_GCM. Any chance for AES GCM support? This will result with significant CPU saving on SFUs (10%-20%) which is also important to the environment.
Comment 4 youenn fablet 2021-09-29 00:26:51 PDT
Created attachment 439574 [details]
Comment 5 youenn fablet 2021-09-29 00:27:49 PDT
Hi Ben, do you know of any webrtc solution where I can try using AES GCM myself?
Comment 8 Ben 2021-09-29 14:09:54 PDT
Got advice to test with Janus and check the srtp dtls extension in a pcap from Safari
Comment 9 youenn fablet 2021-09-30 03:11:41 PDT
Thanks Ben, I validated this with mediasoup.
Comment 10 EWS 2021-09-30 09:05:42 PDT
Committed r283315 (242340@main): <https://commits.webkit.org/242340@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 439574 [details].