China mode: how hardened obfuscation works

Why hardened mode exists

Logrus's default obfuscation is [2B length][AEAD(payload)]. One AEAD op per frame, fast, hides payload well. But frame lengths travel in the clear — that's enough for DPI to do ML-style flow classification.

For GFW (China) and TCI (Iran) that gets you to 85–90% VPN-detection accuracy. Hardened mode closes that gap.

Frame format

In hardened:

[ AEAD(2B length) ][ AEAD(payload) ]

Two AEAD operations. The length is encrypted (every frame with a unique nonce), then the payload is encrypted with an independent key. Result: DPI sees a stream of random bytes with no visible structure.

Cost

• CPU: ~40% slower on x86-64 vs. fast mode (556 → 340 MB/s on M1 Pro).
• Overhead: +16 bytes per frame for the extra AEAD tag.

For networks where fast mode hits a wall, this is a very fair price.

When it activates

Hardened turns on automatically when the client lands in the "hostile" set:

• GeoIP places the user in CN/IR.
• Recent connection attempts had RST or first-second timeouts more than N times.
• The user toggled it on manually.

Testing

If you're writing a transport and want to smoke-test hardened locally:

make bench-hardened

This runs logrus-bench in a loop, measures throughput, and dumps a CPU profile. Expect ~350 MB/s on modern hardware.

What's next

Next step: dynamic key rotation every N MB of traffic. Today the key is fixed per session, which gives long sessions statistical signal for cryptanalysis. Q3 2026 on the roadmap.