3. Problem Statement

The ICE protocol requires gathering all possible candidate addresses to maximize the probability of connection success. This includes:

  • Host candidates: Network interfaces directly attached to the device (e.g., Ethernet, Wi-Fi).
  • Server reflexive candidates: Public IP addresses derived from STUN servers.
  • Relay candidates: Relayed addresses from TURN servers.

If a device is behind a NAT, its host candidate is typically a private RFC 1918 address (e.g., 192.168.1.5). Key privacy issues include:

  1. Fingerprinting: The set of local IP addresses (especially if multiple interfaces exist, like a VPN) can act as a unique identifier for the user over time or across sites.
  2. Location Tracking: Revealing the public IP address allows coarse location tracking. (Note: WebRTC cannot completely hide the public IP if a direct connection is desired, but local IPs add granularity.)
  3. Network Topology Exposure: Revealing internal IP schemes gives attackers information about the local network structure.
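
The audit below is an added example, not part of the original document: it parses ICE candidate attribute lines, counts them by the three types listed above, and reports which private RFC 1918 addresses they expose, including through the `raddr` field of a non-host candidate. The candidate lines and all function names are constructed for illustration.

```javascript
// Constructed sample candidate lines (documentation and private ranges only).
const SAMPLE_CANDIDATES = [
  "a=candidate:1 1 udp 2122260223 192.168.1.5 54321 typ host",
  "a=candidate:2 1 udp 2122194687 10.8.0.2 54322 typ host",
  "a=candidate:3 1 udp 1686052607 203.0.113.7 61000 typ srflx raddr 192.168.1.5 rport 54321",
  "a=candidate:4 1 udp 41885439 198.51.100.20 49152 typ relay raddr 203.0.113.7 rport 61000",
];

// True for the RFC 1918 ranges 10/8, 172.16/12 and 192.168/16.
function isRfc1918(addr) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(addr);
  if (!m) return false;
  const o = m.slice(1).map(Number);
  if (o.some((n) => n > 255)) return false;
  return o[0] === 10 || (o[0] === 172 && o[1] >= 16 && o[1] <= 31) ||
    (o[0] === 192 && o[1] === 168);
}

// Parse "candidate:<foundation> <component> <transport> <priority> <addr> <port> typ <type> ...".
function parseCandidate(line) {
  const f = line.trim().replace(/^a=/, "").split(/\s+/);
  if (f.length < 8 || !f[0].startsWith("candidate:") || f[6] !== "typ") return null;
  const c = { address: f[4], type: f[7], raddr: null };
  for (let i = 8; i + 1 < f.length; i += 2) {
    if (f[i] === "raddr") c.raddr = f[i + 1]; // related (base) address
  }
  return c;
}

// Summarise what a set of candidates reveals about the local network.
function auditCandidates(lines) {
  const byType = { host: 0, srflx: 0, relay: 0 };
  const priv = new Set(), pub = new Set();
  let raddrLeaks = 0, skipped = 0;
  for (const line of lines) {
    const c = parseCandidate(line);
    if (!c) { skipped++; continue; }
    if (Object.keys(byType).includes(c.type)) byType[c.type]++;
    if (c.type === "host" && isRfc1918(c.address)) priv.add(c.address);
    if (c.type === "srflx") pub.add(c.address);
    // A reflexive or relay candidate can still carry the private base address.
    if (c.type !== "host" && c.raddr && isRfc1918(c.raddr)) { priv.add(c.raddr); raddrLeaks++; }
  }
  return { byType, privateAddrs: [...priv].sort(), publicAddrs: [...pub].sort(), raddrLeaks, skipped };
}

console.log(auditCandidates(SAMPLE_CANDIDATES));
```

The `privateAddrs` list is the set of local addresses that issue 1 describes as a stable identifier; here the second entry stands in for a VPN interface.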