9
Three ways to encrypt network
video streams
HTTPS
HTTPS is the standard protection used to encrypt traffic between
clients and servers. TLS (Transport Layer Security) is used to
create a secure channel where the HTTP traffic is tunneled. If the
server has a Certificate Authority (CA)-signed certificate the client
will be able to validate that it is accessing a legitimate server and
not a malicious computer impersonating the camera.
Video is typically transmitted using RTP (Real-time Protocol). For
encrypted video the client needs to request the RTP stream over
HTTPS. HTTPS (TLS) may use different types of ciphers. The
cipher that is most commonly used is AES (Advanced Encryption
Standard), which provides key lengths of either 128 or 256 bits.
Axis cameras come preloaded with a self-signed certificate and
HTTPS enabled. This is sufficient for a client to access the camera
with HTTPS out-of-the-box. If there is a threat of spoofing, the
certificate needs to be replaced with a CA-signed certificate.
Chapter 4
9
