security · kstealth

kstealth — an anti-censorship transport protocol.

A per-session, neural-network-shaped framing layer wrapped around standard, unmodified cryptography — X25519 key exchange, ChaCha20-Poly1305 AEAD, HKDF-SHA256 key derivation. The shape of the traffic varies session to session; the cryptography underneath stays boring and standard on purpose.

What it does

Deep-packet-inspection systems fingerprint protocols by their traffic shape, not just their content. kstealth varies that shape per session — a small network picks the frame layout — while leaving the actual cryptographic primitives standard and auditable underneath.

Why standard crypto

The novelty is deliberately confined to the framing layer, not the cryptography. X25519, ChaCha20-Poly1305, and HKDF-SHA256 are unmodified, widely reviewed primitives — the goal is traffic-shape diversity, not a home-grown cipher.

Where it stands

Seven build phases are complete with 135+ tests passing and a clean race-detector run. The remaining phase is a live field test against real deep-packet-inspection deployments — not yet run, reported honestly as open.