Why Chrome Chooses the slower AES-CM Over AES-GCM for Media SRTP Encryption

Why Chrome Chooses the slower AES-CM Over AES-GCM for Media SRTP Encryption
Photo by Markus Winkler / Unsplash

Assisted by a Language Learning Model (LLM)

Bullet Points:

  • The Chrome browser encrypts outgoing WebRTC media sessions.
  • The Chrome browser decrypts received WebRTC media sessions.
  • The WebRTC specification requires using encrypted media over the wire.
  • AES is the encryption standard used for media.
  • There are two types of AES encryption enabled in Chrome for media: AES-CM and AES-GCM.
  • In my benchmarking, AES-GCM is about three times faster than AES-CM.
  • But, interestingly enough, the AES-CM cipher is preferred to AES-GCM.

With the rise of WebRTC (Web Real-Time Communication), secure communication between peers is paramount. The Chrome browser, adhering to the WebRTC specification, ensures that all media sessions—both outgoing and incoming—are encrypted, ensuring users' privacy and the integrity of data.

AES (Advanced Encryption Standard) stands as the primary encryption standard for media in this realm. Within the realm of AES encryption for WebRTC in Chrome, there exist two notable variants: AES-CM (Counter Mode) and AES-GCM (Galois Counter Mode).

Benchmarking reveals an intriguing data point: AES-GCM emerges as about three times faster than its AES-CM counterpart, making one wonder why Chrome doesn't opt for the seemingly faster choice. However, speed isn't the only metric to consider when weighing encryption methods.

The answer lies in a specific comment from Chrome's source code, which offers valuable insight:

// Note: GCM cipher suites are not the top choice since they increase the
// packet size. In order to negotiate them the other side must not support
// kSrtpAes128CmSha1_80.

Libwebrtc code link here

This code snippet clarifies the browser's preference. Despite the speed advantage AES-GCM has, its resultant packet sizes are larger. In a world where data is consistently transmitted across vast distances and often through limited bandwidth environments, packet size can profoundly affect performance. Larger packets translate to higher bandwidth usage, which can lead to latency and congestion in the network.

In conclusion, while AES-GCM may offer faster encryption speeds, Chrome's decision to favor AES-CM primarily stems from its ability to produce smaller packets, optimizing bandwidth usage. Efficiency in transmission, in this case, outweighs raw encryption speed, underlining the intricacies of choosing encryption standards for a real-world application like WebRTC.