Enforcing End-to-end Security for Remote Conference Applications

Remote conference applications are increasingly widely used, but currently, their improper data encryption methods, proprietary implementations, and dial-in access cause concerns about privacy breaches. As such, there is a need for trustworthy and secure solutions for these production tools. In this paper, we present mTunnel, a transparent software layer in the host system for securing conference applications without sacrificing the key functionalities and convenience. The basic idea of mTunnel is to encrypt sensitive data, such as audio, video, text, etc., before it is obtained by untrusted application clients. mTunnel leverages the audio and video streaming capabilities of the conference applications to tunnel the encrypted content to the remote end. mTunnel involves a software framework to accommodate the media interception and representation through I/O virtualization based on virtual drivers. Moreover, mTunnel supports complete E2EE group conversations even in a mixed IP and public switched telephone network (PSTN). We implement mTunnel and evaluate it with several commercial products. Results show its feasibility and overhead.