English (United States) العربية Deutsch Español Français Hrvatski Bahasa Indonesia Italiano 日本語 한국어 Nederlands Polski Português Русский Slovenčina Türkçe 繁體中文

Articles in this section

Using Video Bridge Encryption (VBE) in Brave Talk Follow

Avatar
  • Updated

In WebRTC, each browser uses two main data paths: signaling and media.

Media is sent between each browser and a server (called a Selective Forwarding Unit or SFU). This helps set up the connection. The media (audio and video) travels over a secure connection called DTLS-SRTP between each browser and the SFU.

In most cases, browsers use the SFU to send media to other participants. The SFU acts as a middleman, distributing the traffic. In some cases, though, browsers may communicate directly with each other without an SFU.

When using a SFU without extra security, the SFU receives the media, decrypts it, optimizes it for each recipient (for example, by adjusting quality or deciding which streams to send), and then re-encrypts and forwards it using DTLS-SRTP. This helps the SFU manage media more efficiently for everyone in the call.

With added security like VBE, the browsers share a secret key whenever someone joins or leaves the meeting. Only the participants know this key—not the SFU. This creates two layers of protection: an end-to-end encryption (E2EE) layer, where only the browsers can unlock the media content, and a hop-by-hop layer, where the SFU forwards the media but can’t access what’s inside due to the E2EE protection.

Note that chat messages travel over a separate channel to the SFU and are not part of the audio or video stream.

How to enable VBE

Once you (the moderator) creates a room:

  1. Click on... ("More options") 
  2. Select Security options
  3. Toggle Video Bridge Encryption "on"

A recording can be started, but no transcription will occur. All participants (current or future) will exchange keys and encrypt their traffic accordingly.

How to verify a participant

As the moderator:

  1. Click ... ("more options") for the participant
  2. Select Verify Participant

Both the moderator and the user see a pop-up with 7 symbols. They should then confirm — via a second-channel — that they they see the same symbols in the same order. If they do, the moderator and participant selects They match. This needs to be done only once.

Related articles