---
stand_alone: true
ipr: none
cat: info
area: Systems Engineering
wg: OSMORA Standards Group
docname: OAP-0003

title: OSMORA Secure Tunnel Protocol
abbrev: OSTP
lang: en
kw:
  - ostp
  - secure tunnel
  - networking
author:
  - role: editor
    name: Ian M. Moffett
    org: OSMORA
    city: Washington, DC
    region: Southeast
    code: 20020
    email: ian@osmora.org

--- abstract

The OSMORA Secure Tunnel Protocol is a highly flexible and secure network
protocol designed for peer-to-peer and client-server relay communication.

--- middle

# Introduction

OSTP is a highly flexible protocol designed for establishing a secure link
between two or more peers. The design of OSTP makes it easy to build any
additional protocol(s) on top (e.g., messaging protocols).

## Purpose

The purpose of OSTP is to provide OSMORA members with a secure and trusted
method of communication free of any surveillance. The design of OSTP
additionally allows others to build additional protocols on top, making it a
fundamental building block of future OSMORA secure protocols.

# Requirements Language

{::boilerplate bcp14-tagged}

# Session Requests

If a client wishes to establish a link with a server, it must send a Session
Request Packet. Doing so allows the client and server to exchange flags along
with required cryptographic keys. All key exchanges under OSTP are done with
forward secrecy using the Elliptic-curve Diffie–Hellman key agreement protocol.

# Security

All OSTP traffic must be under AES-256-GCM and be purely ephemeral. All OSTP
nodes, regardless of being in peer-to-peer mode or not, must be stateless and
always discard received data after use.

# References

[OAP-0003] Moffett, I., "OSMORA Secure Tunnel Protocol (OSTP) Rev. 4",
OSMORA Standards Group, OAP-0003 - https://osmora.org/ostp-rev4.pdf
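
The sketch below is an added example, not OSTP reference code or anything from the specification. It illustrates the exchange described under "Session Requests" and "Security": an ephemeral ECDH agreement followed by AES-256-GCM. The curve (X25519), the KDF (HKDF-SHA256 with a hypothetical label), the header value and the packet layout are assumptions, since this page does not specify them.

```javascript
// Added example, not OSTP reference code. Assumed (not specified on this page):
// X25519 as the curve, HKDF-SHA256 as the KDF, nonce || ciphertext || tag layout.
const crypto = require('crypto');

// A fresh key pair per session that is never written to disk is what makes
// the exchange forward secret.
function newEphemeralKeyPair() {
  return crypto.generateKeyPairSync('x25519');
}

// ECDH shared secret -> 32-byte AES-256 key. The label is hypothetical.
function deriveSessionKey(myPrivateKey, peerPublicKey) {
  const shared = crypto.diffieHellman({ privateKey: myPrivateKey, publicKey: peerPublicKey });
  const okm = crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'ostp-example-session', 32);
  shared.fill(0); // discard the raw secret after use
  return Buffer.from(okm);
}

// AES-256-GCM with a random 96-bit nonce; header is authenticated, not encrypted.
function seal(key, plaintext, header) {
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(header);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, body, cipher.getAuthTag()]);
}

// Throws if the packet is truncated or fails authentication.
function unseal(key, packet, header) {
  if (packet.length < 28) throw new Error('packet too short');
  const tagAt = packet.length - 16;
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, packet.subarray(0, 12));
  decipher.setAAD(header);
  decipher.setAuthTag(packet.subarray(tagAt));
  return Buffer.concat([decipher.update(packet.subarray(12, tagAt)), decipher.final()]);
}

// Constructed session: both sides derive the same key from swapped public keys.
function demoSession() {
  const client = newEphemeralKeyPair();
  const server = newEphemeralKeyPair();
  const clientKey = deriveSessionKey(client.privateKey, server.publicKey);
  const serverKey = deriveSessionKey(server.privateKey, client.publicKey);
  const header = Buffer.from('constructed-header');
  const packet = seal(clientKey, Buffer.from('hello over the tunnel'), header);
  const text = unseal(serverKey, packet, header).toString();
  const result = { keysMatch: clientKey.equals(serverKey), text };
  clientKey.fill(0); // keys are wiped when the session ends
  serverKey.fill(0);
  return result;
}
```

Because both key pairs exist only for the lifetime of `demoSession`, a later compromise of either node does not expose the session key of a recorded exchange.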