Video session encryption: DTLS and SRTP explained simply
Updated: 2026-05-22
Assistance Leagora protects remote video support using industry-standard WebRTC encryption: DTLS secures the signalling channel that sets up the session, while SRTP encrypts the actual audio and video streams in transit. Pages and APIs load over HTTPS. The Galène open-source engine handles media paths; no session video is stored by default. This stack gives RSSI teams auditable, modern cryptography without proprietary black boxes.
Procurement asks: "Is the video encrypted?" — and non-specialists need an answer that is accurate, not marketing fluff. Remote video support crosses untrusted networks, especially when customers use mobile 4G. Understanding DTLS and SRTP helps you compare Assistance Leagora with consumer meeting tools and tick security questionnaires confidently.
Why encryption matters for customer-facing video
Support sessions may show home interiors, serial numbers, and faces. Unencrypted media would expose sensitive environments on public Wi-Fi or carrier networks.
Encryption in transit is baseline expectation for GDPR security of processing and for enterprise vendor reviews.
HTTPS for pages and session setup
Agents and customers load the application over HTTPS, preventing trivial interception of login tokens and session invitations.
API calls benefit from the same transport protection before WebRTC negotiates peer media paths.
DTLS: securing the handshake
Datagram Transport Layer Security (DTLS) protects the signalling that exchanges capabilities and keys between browser and server.
Think of DTLS as the locked envelope that sets up the call — without it, attackers could disrupt or downgrade session parameters.
SRTP: encrypting audio and video frames
Secure Real-time Transport Protocol (SRTP) encrypts the media streams themselves after setup. Packets crossing the internet remain unreadable without session keys.
Galène implements these standards as part of its open-source codebase — auditable on galene.org rather than hidden in a closed SDK.
What encryption does not replace
Transport encryption protects data in flight, not organisational policy. Recording, agent access control, and password hygiene remain your responsibility.
Assistance Leagora adds role-based agent permissions, EU hosting, and no default storage — encryption plus operational minimisation.
How Assistance Leagora helps
Security architecture highlights for evaluators:
- DTLS/SRTP on WebRTC media via Galène engine
- HTTPS for web application and API traffic
- JWT-based agent authentication
- No video recording by default — reduced data-at-rest exposure
- Hosting in France/EU (OVH, Hetzner, Iliad); on-premise on quote
Expected results
- Cost : Pass security reviews faster vs building custom WebRTC stacks or approving non-standard tools.
- Field trips : Not applicable directly — encryption enables safe remote diagnosis that prevents trips.
- Customer satisfaction : Enterprise customers trust sessions backed by named standards, not vague "secure video" claims.
Frequently asked questions
Are DTLS and SRTP industry standard?
Yes. They are defined by IETF RFCs and used by major WebRTC implementations worldwide, including Galène.
Can we audit the video engine?
Galène is open source. Source code and documentation are public on galene.org for internal security review.
Is media encrypted end-to-end or to the server?
WebRTC sessions use encrypted transport between client and Galène server infrastructure. On-premise deployment keeps media within your network boundary.
Does encryption work on mobile browsers?
Yes. Modern Safari, Chrome, and Firefox mobile support the same DTLS/SRTP stack for browser remote video support.
Are sessions recorded encrypted at rest?
Recording is off by default. If you enable storage, define your retention and encryption policy for stored files in your deployment.
How does this compare to Teams or Zoom encryption?
All rely on modern transport encryption for media. Assistance Leagora adds EU hosting, no default recording, Galène transparency, and SAV-specific workflow — evaluate fit beyond crypto labels.
Ask vendors to name their standards — not just "encrypted." Evaluate Assistance Leagora with a free trial while your RSSI reviews Galène and DTLS/SRTP documentation.
Start free trial30-second signup — 1 group and 3 devices included, no credit card required.