How many OEM's encrypt stream with AES? What would be the payload of encryption of the latency?
The most important question is encryption the solution?
Regards
Srikanth
How many OEM's encrypt stream with AES? What would be the payload of encryption of the latency?
The most important question is encryption the solution?
Regards
Srikanth
I'm not sure how ubiquitous it is among all manufacturers but I think it's fairly common. I don't have stats to back it up but I suspect the added latency is imperceptible compared to the compression latency of h264.
You ask if encryption is the solution but you don't mention the problem you're trying to solve.
Encrypting the video stream is a good idea when there is highly sensitive video being recorded. For example proprietary IP, anything HIPPA sensitive, anything where pin numbers and passwords could be gleaned etc.
Video encryption won't do anything to improve the network security, except in edge cases where there might be a vulnerability in the rtp/rtsp protocol or something similar.
On the other hand, encryption is a "cheap" added layer of security, so unless it adds significant latency on a PTZ channel for example, there's not much reason not to do it.
Look at the WWW, most major sites automatically redirect you to the secure (https) portal and mostly nobody notices. If the security industry did the same, it would be simultaneously the biggest, and most boring piece of news regarding network security.
Look at the WWW, most major sites automatically redirect you to the secure (https) portal and mostly nobody notices. If the security industry did the same, it would be simultaneously the biggest, and most boring piece of news regarding network security.
Related: IPVM Site Goes All HTTPS, Largest 3 Manufacturers Do Not
thanks a lot for response,
I agree the https://ipcamer adds/ is always better if the certificates are signed by certification authority (CA), I am not sure on the self signed certificates.
Some of the consultant have been sold on this idea "Encryption of the rtp/rtsp steam from the camera", I would like to know which OEM's offer AES 128 Bit Encryption of the rap/rtsp stream? could not find this param in the "camera finder".
from http://www.edn.com/electronics-blogs/video-stream/4426154/Thoughts-on-Streaming-Video-Securely
and from http://download.vivotek.com/downloadfile/downloads/handbook/ip_surveillance_handbook_en.pdf on page 33-35. "Security protocols protect data from unauthorized access. SSL/TLS and IPSec are three basic network security protocols. The major difference is that SSL/TLS encrypts the data and IPSec encrypts the transmission channel."
the OEM clears talks of IPSec, but IPSec is more used in VPN tunnel..?
so back to the question, how exactly the RTSP stream is encrypted with AES 128 bit and which OEM's provide RTSP encrypted streams..
any insight would be help to to underhand the concept.
opps clicked post before adding the following,
from http://resource.boschsecurity.com/documents/Data_Security_Guideb_Special_enUS_22335871499.pdf page 21
Data security hint no. 8 There have been recent reports of cyberattacks utilizing an RTSP stack overflow buffer assault. These attacks were written to target specific vendors’ devices. Best practices would be to disable the service if it is not being utilized by an ONVIF conformant video management system or for basic real-time streaming.
Alternatively, and when the receiving client allows, the RTSP communication can be tunneled using a HTTPS connection, which is so far the only way to transmit RTSP data encrypted.
I am not sure how they do it, but DMP encrypts their data stream using 256bit-aes. They re-label hikvision cameras. They're using cloud storage. They also use a 2048 RSA certificate when logging into the camera.
John, any comments.. ?
Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.