Bramble Rendezvous Protocol (BRP) is a discovery protocol for peer-to-peer networks. It enables two peers that have previously exchanged public keys to connect to each other. No other information, such as network addresses, needs to be exchanged in advance. Instead the peers use a shared secret derived from their public keys to generate pseudo-random contact details for connecting to each other over various transports. BRP also produces a shared key that can be used by other protocols for securing communication between the peers.
Bramble Rendezvous Protocol (BRP) is a discovery protocol for peer-to-peer networks. It enables two peers that have previously exchanged public keys to connect to each other. No other information, such as network addresses, needs to be exchanged in advance. Instead the peers use a shared secret derived from their public and private keys to generate pseudo-random contact details for connecting to each other over various transports.
Any connections established by BRP are returned to the calling application, together with a shared key that can be used by other protocols for securing communication between the peers.
BRP is designed to operate over connection-oriented, bidirectional transport protocols. The current version of BRP uses the Tor hidden service protocol as its transport. Future versions of BRP may support other transports.
### 1.1 Motivation
BRP enables two peers in a peer-to-peer network to connect to each other by exchanging public keys. The public keys can be encoded as short text strings that can be exchanged over a wide range of channels, such as email or social networks.
BRP enables two peers in a peer-to-peer network to connect to each other by exchanging public keys. The public keys can be encoded as short text strings, which are easy to exchange over a wide range of channels, such as email or social networks.
The peers' contact details are derived from the shared secret, rather than being encodied in the same strings as the public keys. This has the following advantages:
Before they can connect, the peers need to know how to contact each other. A straightforward approach would be for the peers to encode their contact details in the same strings as their public keys. Instead, BRP uses a shared secret derived from the peers' public and private keys to generate pseudo-random contact details that are known to both peers but not to any other party. This has the following advantages:
* The amount of information that needs to be exchanged is small
* The amount of information that needs to be exchanged is small, so the strings are short
* The information is stable over time, so it can be exchanged asynchronously
* Contact details that might be used to identify or track the peers are not exposed to the channel where the exchange takes place
* Contact details that might be used to identify or track the peers, now or in the future, are not exposed to other parties during the exchange
