Briar
European peer-to-peer messenger with Tor routing that works without internet - designed for activists and journalists
Quick Overview
| Project | Briar Project (Non-profit) |
|---|---|
| Category | Messaging (P2P) |
| Headquarters | Europe (Distributed team) |
| EU Presence | Yes - European development |
| Data Centers | None (P2P / Tor network) |
| Open Source | Yes (GPLv3) |
| GDPR Compliant | Yes (no data collection) |
| End-to-End Encryption | Yes |
| Main Features | P2P messaging, Tor routing, works via Wi-Fi/Bluetooth, no central servers, forums, blogs |
| Pricing | Free (open source) |
| Best For | Activists, journalists, and anyone needing secure communication in challenging environments |
| Replaces | WhatsApp, Signal (in high-risk scenarios) |
Detailed Review
Briar is a peer-to-peer messaging application designed for activists, journalists, and anyone who needs secure communication in challenging environments. Unlike conventional messengers that rely on central servers, Briar connects users directly through the Tor network, Wi-Fi, or Bluetooth. This unique architecture makes it resilient to censorship and surveillance, capable of operating even when internet infrastructure is disrupted.
European Development and Values
Briar is developed by the Briar Project, a non-profit organization with contributors across Europe. The project is supported by grants from organizations including the Open Technology Fund and various European digital rights foundations. This European backing ensures that privacy and human rights principles guide the project's development.
As an open-source project with no commercial interests, Briar has no incentive to collect or monetize user data. The developers' stated mission is to provide secure communication tools for people in high-risk environments, including journalists, activists, and citizens living under authoritarian regimes. This mission-driven approach distinguishes Briar from commercial messaging apps.
Peer-to-Peer Architecture
The most distinctive feature of Briar is its peer-to-peer (P2P) architecture. Messages are never stored on central servers - they pass directly between users' devices. When connected to the internet, Briar routes traffic through the Tor network, hiding metadata and making traffic analysis extremely difficult. When internet is unavailable, Briar can sync messages via Wi-Fi or Bluetooth when devices are in range.
This P2P approach eliminates several attack vectors common to centralized services. There are no servers to hack or subpoena, no company that can be pressured to hand over data, and no central point of failure that can be blocked by censors. Even if authorities seize Briar's development servers, existing users can continue communicating without interruption.
Works Without Internet
Briar's ability to function without internet connectivity is crucial for its target users. In areas where internet is censored, unreliable, or completely unavailable, Briar can sync messages between nearby devices using Wi-Fi or Bluetooth. This creates mesh-network capabilities where messages can hop between devices to reach their destination.
This feature is invaluable during protests when authorities often disable mobile networks, in disaster zones where infrastructure is damaged, or in remote areas with limited connectivity. Users can exchange messages whenever devices come within range, with messages queuing until delivery is possible.
Tor Integration
When internet is available, Briar routes all traffic through the Tor network. This provides multiple layers of anonymity protection. Your internet provider cannot see that you're using Briar, only that you're connecting to Tor. The Tor network's onion routing means that no single relay knows both the origin and destination of your messages.
Briar creates hidden services on Tor for each user, meaning there are no static endpoints that can be targeted. The combination of Tor and end-to-end encryption provides strong protection against both content surveillance and metadata analysis.
End-to-End Encryption
All messages in Briar are end-to-end encrypted using the Bramble Transport Protocol, developed specifically for Briar. Keys are exchanged when contacts meet in person or through a trusted introducer, preventing man-in-the-middle attacks that could occur with server-mediated key exchange. Perfect forward secrecy ensures that compromising current keys doesn't expose past messages.
The cryptographic protocols have been independently audited by Cure53, a respected German security firm. The audit found the implementation to be sound, with only minor issues that were subsequently addressed. The full audit report is publicly available.
Features Beyond Messaging
Briar includes features beyond one-to-one messaging. Private groups allow secure communication among multiple contacts. Forums provide a space for broader discussions that can be shared with new members. Blogs enable users to publish content to their contacts, useful for journalists sharing reports with trusted sources.
The mailbox feature allows contacts to leave messages when you're offline, which sync when you next come online. This addresses one of the challenges of P2P messaging where both parties previously needed to be online simultaneously.
Contact Exchange
Adding contacts in Briar requires exchanging a link in person (via QR code) or through another secure channel. This deliberate friction prevents random friend requests and ensures you know who you're communicating with. The trust model is explicit: you only connect with people you've verified.
While this is less convenient than searching by username or phone number, it's essential for Briar's security model. There's no directory of users that could be accessed by authorities, and no way to discover who uses Briar without their active participation.
Limitations to Consider
Briar's security-first design comes with usability trade-offs. It's currently Android-only, with a desktop version in beta. There's no iOS version due to Apple's restrictions on background processes needed for P2P networking. Messages only sync when the app is open, which impacts battery life if left running continuously.
The requirement for in-person contact exchange limits spontaneous communication with new contacts. Briar is not designed for casual messaging with friends and family - there are better tools for that purpose. It excels in scenarios where security requirements justify the additional friction.
Who Should Use Briar
Briar is designed for users with serious security requirements. Journalists protecting sources, activists organizing under surveillance, and citizens in countries with repressive regimes will find Briar's unique capabilities essential. It's also valuable as a backup communication channel that works when other services are blocked or networks are down. If you need messaging that doesn't depend on servers, can work without internet, and is designed to resist sophisticated adversaries, Briar is the tool for you.
Alternatives to Briar
Looking for other European secure messaging apps? Here are some alternatives worth considering:
Frequently Asked Questions
No, Briar is currently Android-only. Apple's iOS restrictions on background processes and peer-to-peer networking make it technically challenging to implement Briar's architecture. A desktop version for Windows, macOS, and Linux is in beta. For iOS users, alternatives like Threema or Session may be suitable.
While in-person QR code exchange is the most secure method, you can also share Briar links through another secure channel you both trust. A mutual contact can also introduce you. The key is using a channel where you can verify the other person's identity to prevent impersonation.
Briar can use more battery than conventional messengers because it maintains Tor connections and P2P networking. You can close the app when not actively messaging to conserve battery. Messages from contacts will queue and sync when you next open the app.
Briar is designed to be highly resistant to surveillance. Traffic is routed through Tor, hiding metadata. There are no central servers to subpoena. However, no system is perfectly secure against all adversaries. Local device compromise, user error, or correlation attacks by sophisticated actors remain theoretical risks.
When both devices have Briar open and Bluetooth enabled, they can sync messages directly without internet. The devices need to be within Bluetooth range (typically 10-100 meters). This is useful when internet is unavailable, blocked, or surveilled. Wi-Fi Direct also works similarly for local sync.
Yes, Briar is fully open source under the GPLv3 license. The source code is available on GitLab and has been independently audited by Cure53. This transparency allows anyone to verify the security claims and contributes to trust in the application.
You can, but Briar is optimized for security rather than convenience. It lacks features common in casual messengers like animated stickers, stories, or easy contact discovery. For everyday messaging, apps like Threema or Signal offer better usability while still providing strong encryption.
If you lose your phone, your Briar identity and messages are lost - there's no backup to central servers by design. You would need to create a new identity and re-add contacts. This is a security feature: an attacker who seizes your phone cannot recover messages even with advanced forensics if you haven't unlocked the app.