Hysteria and QUIC-based transports

QUIC's deployment in HTTP/3 changed the censorship-evasion landscape. A protocol that's now used by ~30% of internet traffic, runs over UDP, encrypts more than TLS-over-TCP does, and has a complex framing model that's hard to parse — QUIC offers an attractive substrate for circumvention transports. Hysteria (versions 1 and 2) is the most prominent deployment, building a high-performance proxy specifically designed for lossy long-distance paths.

This module covers QUIC as a circumvention substrate, Hysteria's specific design choices, what QUIC inherits from HTTP/3 (including the legitimate-traffic camouflage), and what remains observable to detectors. The focus is on architecture and tradeoffs; deployment specifics live in sing-box-config-reference and similar practical articles.

Prerequisites

• udp-the-simplest-transport — QUIC runs over UDP.
• http-evolution-1-1-to-3 — HTTP/3 is QUIC's main use case.
• tls-1-3-handshake-byte-by-byte — QUIC's encryption is TLS 1.3-derived.
• side-channels-in-encrypted-protocols — QUIC's leaked side channels.

Learning objectives

1. Explain why QUIC became attractive as a circumvention transport substrate.
2. Describe Hysteria's design — congestion control, authentication, masking — and the specific lossy-path optimizations it makes.
3. Identify what QUIC-based camouflage hides versus what it still leaks to modern detectors.
4. Evaluate the tradeoffs of user-space QUIC implementations versus kernel network stacks.

Why QUIC for circumvention

Several QUIC properties matter for circumvention design:

Encrypted handshake. Unlike TLS-over-TCP where the early handshake messages (ServerHello, Certificate, Certificate Verify in TLS 1.2; Certificate in TLS 1.3) are visible to network observers, QUIC encrypts even the initial handshake under derived keys. The QUIC initial packet's payload is encrypted with a key derived from the destination connection ID — observers see structured data they can't easily parse.

Common HTTP/3 deployment. ~30% of web traffic is now HTTP/3 over QUIC (and growing). A QUIC connection to a Cloudflare-hosted site looks normal; a circumvention QUIC connection is hidden among legitimate HTTP/3 traffic.

UDP transport. QUIC runs over UDP, which has different blocking characteristics than TCP. Some censors block specific TCP ports but allow most UDP; some do the reverse. UDP gives circumvention designers a different protocol surface.

Custom congestion control. Unlike TCP's kernel-implemented congestion control, QUIC implementations have full control over their congestion behavior. This enables performance tuning for specific network conditions (lossy paths, high-RTT links) that TCP can't easily match.

User-space implementations. QUIC libraries are user-space (no kernel module needed for new versions). Faster iteration; protocol changes don't require waiting for kernel adoption.

The combination is what makes QUIC attractive: encryption that hides more from observers, traffic camouflage in legitimate HTTP/3 patterns, UDP-based transport variety, and customizable congestion control for performance.

Hysteria: high-performance lossy-path QUIC

Hysteria (v1 and v2) is a proxy protocol built specifically on QUIC, optimized for lossy long-distance paths where conventional TCP-based proxies suffer.

The design choices:

Custom congestion control. Hysteria uses Brutal-style congestion control — the user specifies bandwidth manually rather than letting the algorithm adapt. The intent: avoid TCP's behavior of throttling under packet loss (which on lossy links is constant), instead push aggressively at the user-configured rate. This works much better than TCP on cellular links, satellite links, and other lossy-path environments.

Password-based authentication. Clients prove they know a shared secret password before the proxy will service their connections. This addresses active probing (probers without the password get nothing useful).

HTTP/3 masquerade. The Hysteria protocol attempts to look like HTTP/3 traffic to network observers. The packets follow QUIC framing; the masquerade detail varies by Hysteria version.

Multipath support (v2). Hysteria 2 supports multiple paths simultaneously, which can use multiple connections for higher throughput and resilience to single-path issues.

0-RTT handshake (v2). Subsequent connections from the same client don't require full handshake, reducing latency.

The performance picture: on a lossy 200ms-RTT link with 5% packet loss, Hysteria typically delivers 80% of the underlying link bandwidth where TCP-based proxies might deliver 20%. The Brutal congestion control is doing the heavy lifting.

The cost: aggressive congestion behavior is unfair to other traffic on the same link. Hysteria's documentation specifically warns operators against deploying it on shared networks because the bandwidth-grabbing behavior can starve other connections. Pure single-user-on-their-own-link deployments are the right fit.

QUIC versus TCP/TLS observer surface

What's visible to a passive observer:

QUIC hides more than TCP+TLS does at handshake time, but flow-level features (volumes, timing, packet counts) are the same. Side channels through these features (covered in side-channels-in-encrypted-protocols) work against QUIC too.

What QUIC-based camouflage doesn't fix

The encryption is more comprehensive, but:

Behavioral classification. A QUIC-based proxy generates traffic patterns different from typical HTTP/3 browsing. ML classifiers trained on HTTP/3 traces can flag suspect connections.

Connection patterns. Sustained connections at high throughput are unusual for normal HTTP/3 traffic; Hysteria's bandwidth use can stand out.

Server fingerprint. Even with QUIC, the server has observable characteristics (which QUIC implementation, what initial settings). Hysteria servers may be distinguishable from genuine HTTP/3 origin servers.

IP-level analysis. Connecting to a "non-Cloudflare" QUIC IP from Cloudflare-heavy traffic patterns is suspicious; censors can block by IP.

Volume. Aggregate traffic to a specific destination over time reveals usage; a circumvention server will have characteristic patterns.

The defensive picture: QUIC-based transports raise the bar for detection but don't eliminate it. Sophisticated censors with behavioral classifiers can still flag suspect QUIC traffic; the false-positive rate is just higher than for less-camouflaged transports.

Hands-on exercise

QUIC vs TCP+TLS observer surface table.

Tools: notes. Runtime: 5 minutes.

Refer to the table above. For each row, ask: does QUIC's hiding actually help against the threat? Specifically:

• Source/dest IP visible in both: doesn't help.
• Initial handshake content: encrypted in QUIC, visible in TLS pre-ECH. Helps against handshake-content censors.
• Stream structure: encrypted in both (TLS 1.3 encrypts records). Helps marginally.
• Connection migration: QUIC supports it; TCP doesn't. Migration events visible to observer; can help with mobility but creates new observable.
• Volume/timing: visible in both. Doesn't help against statistical classifiers.

The honest assessment: QUIC hides more details about what handshake is happening, but doesn't hide that a connection exists or what its flow shape is.

High-level Hysteria session pseudocode.

client_connect(server_address, password):
  udp_socket = open_udp(server_address)
  quic_session = quic_handshake(udp_socket, server_alpn="h3")
  # During QUIC handshake, the initial packet payload is encrypted with
  # keys derived from connection IDs; observers see opaque structured data.

  # After QUIC session is up, send the Hysteria authentication
  send_authenticated_setup(quic_session, password=PASSWORD)
  if not authenticated:
    fall_back_to_h3_response(quic_session)  # serve real-looking H3 response
    return

  # Authenticated; switch to proxy mode
  while connection_open:
    request = receive_proxy_request(quic_session)
    upstream = open_upstream(request.destination, request.protocol)
    bidirectional_relay(quic_session, upstream)

Identify the key properties:

• The QUIC handshake itself is indistinguishable from a normal HTTP/3 handshake.
• The Hysteria-specific authentication is encrypted within the QUIC session.
• Without authentication, the server can fall back to serving normal HTTP/3 (probe resistance).
• Brutal congestion control is applied to the data plane after authentication.

Common misconceptions and traps

"QUIC is undetectable." QUIC encrypts more handshake content than TCP+TLS; it doesn't hide flow shape or destination IP. Behavioral classifiers can still identify suspect QUIC.

"Hysteria is faster than everything because of Brutal." Brutal is faster on lossy paths; on stable low-loss paths, it doesn't significantly outperform TCP and may be unfair to other users.

"QUIC works everywhere TCP does." Some networks block UDP for non-DNS, non-NTP destinations. Some have low UDP rate limits. QUIC connections may fail where TCP+TLS would succeed.

"User-space QUIC is always faster." Kernel-bypass via DPDK can be faster for some workloads, but most user-space QUIC implementations are slower than kernel TCP/TLS at the same workload due to context switches and copies.

"Hysteria is the only QUIC-based circumvention transport." TUIC, NaiveProxy, and several others are also QUIC-based. The ecosystem is broader than Hysteria alone.

Wrapping up

QUIC's properties — encrypted handshake, common HTTP/3 deployment, UDP transport, customizable congestion control, user-space implementation — make it an attractive substrate for circumvention. Hysteria is the most prominent deployment, optimizing specifically for lossy long-distance paths via Brutal congestion control and password-based authentication.

The substrate change addresses some censor capabilities (handshake-content inspection) but not others (flow-shape classification, IP-level filtering). QUIC-based circumvention is one tool in the toolkit; for adversaries with sophisticated behavioral classifiers, additional camouflage at the traffic-shaping layer is needed.

The next module (decoy-routing-and-refraction-networking — coming soon) covers refraction networking, where the design moves from "hide the connection" to "have a cooperative network path infrastructure" — a different architectural approach with different tradeoffs.

Further reading

• Hysteria documentation — the canonical Hysteria reference.
• Hysteria 2 design notes — architectural details and design rationale.
• QUIC characterization papers — what QUIC traffic exposes that TCP doesn't.
• xray-reality-vs-wireguard — RouteHarden's comparison that includes QUIC-based options.