China mode: how hardened obfuscation works
A step-by-step look at how we hide frame lengths from DPI in hostile networks.
Why hardened mode exists
Logrus's default obfuscation is [2B length][AEAD(payload)]. One AEAD op per frame, fast, hides payload well. But frame lengths travel in the clear — that's enough for DPI to do ML-style flow classification.
For GFW (China) and TCI (Iran), that is enough to reach 85–90% VPN-detection accuracy. Hardened mode closes that gap.
Frame format
In hardened:
[ AEAD(2B length) ][ AEAD(payload) ]
Two AEAD operations. The length is encrypted (every frame with a unique nonce), then the payload is encrypted with an independent key. Result: DPI sees a stream of random bytes with no visible structure.
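The framing above and the default framing it replaces, as an added Python sketch (not Logrus code) with a receiver that copes with frames split across reads. The AEAD is a standard-library stand-in (SHAKE-256 keystream plus truncated HMAC-SHA256); it, the frame-counter nonce and the names `fast_frame` and `HardenedStream` are assumptions, since the page does not name the cipher or the nonce scheme.

```python
import hashlib, hmac, struct

TAG = 16  # bytes of tag per AEAD operation

def _subkeys(key):
    # Separate cipher and MAC keys derived from one AEAD key.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor(key, nonce, data):
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, nonce, pt):
    # Stand-in AEAD (encrypt-then-MAC); an assumption, not the project's cipher.
    ek, mk = _subkeys(key)
    ct = _xor(ek, nonce, pt)
    return ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()[:TAG]

def open_(key, nonce, box):
    ek, mk = _subkeys(key)
    ct, tag = box[:-TAG], box[-TAG:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()[:TAG]):
        raise ValueError("AEAD tag mismatch")
    return _xor(ek, nonce, ct)

def fast_frame(key, seq, payload):
    # Default mode from the page: [2B length][AEAD(payload)], length in the clear.
    return struct.pack(">H", len(payload)) + seal(key, struct.pack(">Q", seq), payload)

class HardenedStream:
    # One direction of a session. Assumed: two independent keys, frame counter as nonce.
    def __init__(self, len_key, pay_key):
        self.len_key, self.pay_key, self.seq, self.buf = len_key, pay_key, 0, b""

    def encode(self, payload):
        nonce = struct.pack(">Q", self.seq)
        self.seq += 1
        return seal(self.len_key, nonce, struct.pack(">H", len(payload))) + seal(self.pay_key, nonce, payload)

    def feed(self, data):
        # Buffer wire bytes; return payloads of every frame that is now complete.
        self.buf += data
        out = []
        while len(self.buf) >= 2 + TAG:
            nonce = struct.pack(">Q", self.seq)
            (n,) = struct.unpack(">H", open_(self.len_key, nonce, self.buf[:2 + TAG]))
            end = 2 + TAG + n + TAG
            if len(self.buf) < end:
                break  # payload not fully received yet
            out.append(open_(self.pay_key, nonce, self.buf[2 + TAG:end]))
            self.buf, self.seq = self.buf[end:], self.seq + 1
        return out
```

The receiver always reads a fixed 18-byte sealed length first, so a modified length block fails authentication before any payload bytes are interpreted.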
Cost
- CPU: ~40% slower on x86-64 vs. fast mode (556 → 340 MB/s on M1 Pro).
- Overhead: +16 bytes per frame for the extra AEAD tag.
For networks where fast mode hits a wall, this is a very fair price.
When it activates
Hardened turns on automatically when the client lands in the "hostile" set:
- GeoIP places the user in CN/IR.
- Recent connection attempts had RST or first-second timeouts more than N times.
- The user toggled it on manually.
Testing
If you're writing a transport and want to smoke-test hardened locally:
make bench-hardened
This runs logrus-bench in a loop, measures throughput, and dumps a CPU profile. Expect ~350 MB/s on modern hardware.
What's next
Next step: dynamic key rotation every N MB of traffic. Today the key is fixed per session, so long sessions give statistical signal for cryptanalysis. Rotation is on the roadmap for Q3 2026.