Which Circumvention Protocol Survives in 2026: A Ranking
Not every "censorship bypass" protocol is equal once a real DPI system is watching. China's GFW now blocks fully encrypted traffic by passive analysis alone, Russia's TSPU throttles and resets on protocol fingerprints, and Iran's filtering tightens around political events. This is an evidence-based ranking of the seven transports that actually matter in 2026 - Reality, Hysteria2, TUIC, ShadowTLS, AmneziaWG, obfs4 and Shadowsocks-2022 - scored by how detectable each one really is in RU, IR and CN, and what that means if you self-host on a clean offshore VPS.
How we rank: detectability beats raw speed
The wrong way to compare circumvention protocols is by throughput. A protocol that downloads at gigabit speed is worthless if the censor's middlebox resets the connection in the first second. The only metric that matters under active censorship is detectability: can a passive DPI device, or an active prober that connects to your server, tell that your traffic is a proxy and not ordinary web traffic?
Three censorship systems set the bar in 2026, and they fail differently:
- China (GFW) is the hardest. As documented in the USENIX Security 2023 research on the Great Firewall, it now blocks fully encrypted traffic in real time using passive analysis alone - measuring the fraction of set bits and the count and position of printable ASCII bytes to decide what traffic is not a known protocol. It also runs active probing: it connects to your server to see how it responds. Anything that looks random or answers a probe oddly is a target.
- Russia (TSPU) is broad but blunter. The TSPU boxes installed at every operator throttle and reset connections on protocol fingerprints (they crippled regular WireGuard and OpenVPN handshakes, and degrade many VPN-shaped flows), but they are less precise than the GFW and react in waves around political events.
- Iran filters aggressively and unpredictably, with total or near-total shutdowns during unrest, plus SNI filtering and protocol blocking the rest of the time.
So a protocol "survives" in 2026 to the degree that, to each of these systems, it looks like nothing worth blocking - ideally indistinguishable from a real TLS 1.3 or HTTP/3 connection to an ordinary website. That is the lens for every entry below.
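The passive check described in the China bullet above, sketched as an added example (not code from the cited research or from this page). The function names, thresholds and sample packets are assumptions constructed for illustration; the sketch shows why a high-entropy first packet is flagged while one that starts with a TLS record header or printable text is not.

```python
# Added illustration: a passive "fully encrypted traffic" heuristic.
# All thresholds below are assumptions for this example, not values from the page.
PRINTABLE = range(0x20, 0x7F)          # printable ASCII byte values

def set_bit_fraction(payload: bytes) -> float:
    """Fraction of bits that are 1; close to 0.5 for ciphertext."""
    return sum(bin(b).count("1") for b in payload) / (8 * len(payload))

def longest_printable_run(payload: bytes) -> int:
    """Length of the longest run of consecutive printable ASCII bytes."""
    best = run = 0
    for b in payload:
        run = run + 1 if b in PRINTABLE else 0
        best = max(best, run)
    return best

def classify_first_packet(payload: bytes, band=(0.425, 0.575), prefix=6,
                          max_printable=0.5, max_run=20):
    """Return (flagged, reason). Flagged means no exemption matched."""
    if not payload:
        return False, "empty payload"
    if payload[:2] == b"\x16\x03" or payload[:4] in (b"GET ", b"POST", b"HEAD"):
        return False, "known protocol header"
    frac = set_bit_fraction(payload)
    if not band[0] < frac < band[1]:
        return False, "set-bit fraction outside the random band"
    if len(payload) >= prefix and all(b in PRINTABLE for b in payload[:prefix]):
        return False, "printable prefix"
    if sum(b in PRINTABLE for b in payload) / len(payload) > max_printable:
        return False, "mostly printable"
    if longest_printable_run(payload) > max_run:
        return False, "long printable run"
    return True, "random-looking, no exemption matched"

# Constructed samples (not captured traffic).
SCRAMBLED = bytes((i * 167 + 13) % 256 for i in range(256))  # stand-in for ciphertext
TLS_LIKE = b"\x16\x03\x01\x02\x00" + SCRAMBLED               # TLS record header + body
HTTP_LIKE = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
TEXT_LIKE = b"220 mail.example.com ESMTP ready\r\n"

if __name__ == "__main__":
    for name, pkt in [("scrambled", SCRAMBLED), ("tls", TLS_LIKE),
                      ("http", HTTP_LIKE), ("text", TEXT_LIKE)]:
        print(name, classify_first_packet(pkt))
```

Only the scrambled sample is flagged: the same bytes behind a TLS record header are exempted, which is the property the Tier S transports below rely on.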
The 2026 ranking, tier by tier
Tier S - mimics real traffic, hardest to block
- 1. VLESS + Reality (Xray / sing-box). The current top of the field. Reality does not present a certificate of its own; for any handshake that is not from an authenticated client it transparently forwards to a real foreign website and relays that site's genuine TLS 1.3 certificate. To a passive observer or an active prober there is no proxy fingerprint and no domain in your name to correlate - the IP simply appears to host that real site. It resists both passive DPI and active probing in RU, IR and CN when configured correctly. Its one weakness is operator error: a bad dest, an SNI mismatch, or a self-signed panel on the same port.
- 2. ShadowTLS v3. Wraps a Shadowsocks-2022 tunnel behind a genuine TLS handshake to a real site, so the visible handshake is authentic TLS like Reality. Slightly more moving parts than Reality (it relies on a separately running backend) and a touch easier to misconfigure, but in the same defensive class: it looks like real TLS to a real site.
Tier A - looks like modern web traffic, strong but with caveats
- 3. Hysteria2. A QUIC/HTTP-3-shaped UDP transport. It uses a custom "Brutal" congestion control that pushes a user-defined bandwidth through lossy or throttled links, plus optional Salamander obfuscation (XOR scrambling that breaks QUIC fingerprinting) and fake HTTP/3 headers to fool shallow DPI. Excellent on bad networks and very effective in Iran and Russia. The structural risk is that it lives on UDP/443: where a censor blocks or heavily throttles UDP wholesale (a tactic the GFW and some Iranian networks use episodically), it degrades or dies. Keep a TCP-based fallback.
- 4. TUIC (v5). Also QUIC-based and lightweight, but it rides standard QUIC rather than a modified, obfuscated stack. That makes it cleaner and lower-overhead, but its QUIC fingerprint is more recognizable than Hysteria2's, and it shares the same UDP-blocking exposure. A good choice where UDP is open and you want low latency; weaker where the censor specifically targets QUIC, which work on China's SNI-based QUIC censorship has shown is feasible.
Tier B - still useful, but increasingly fingerprintable
- 5. AmneziaWG. WireGuard with added junk packets and randomized header fields to defeat the fingerprinting that lets the TSPU and GFW recognize a vanilla WireGuard handshake. It revives WireGuard's speed and simplicity in places where plain WG is dead (notably Russia), and is genuinely effective there in 2026. It does not impersonate a real site, though, so against an active prober or an aggressive whitelisting censor it is weaker than Tier S.
- 6. obfs4. The veteran Tor pluggable transport: a fully randomized, high-entropy stream with no recognizable structure. For years that was enough. It is exactly the "looks like nothing" traffic the GFW's fully-encrypted-traffic detector is now built to catch, so it is unreliable in China and degrades elsewhere. Still valuable as a Tor bridge transport and as a fallback, but no longer front-line against modern DPI.
- 7. Shadowsocks-2022. The hardened AEAD revision fixed the replay and probing weaknesses that got earlier Shadowsocks actively probed and blocked by the GFW. It is fast, simple and fine in Russia and Iran. But on its own it is still a fully encrypted stream - precisely the category China's passive detector flags - so in China it needs a wrapper (ShadowTLS or a v2ray-plugin) to survive. Strong as a backend, exposed as a front end.
Why the ranking flips per country
There is no single "best" protocol because the three censors attack different layers, and a transport that is overkill in one country is the bare minimum in another.
- Russia: the practical winners are Reality, AmneziaWG and Hysteria2. The TSPU killed plain WireGuard and OpenVPN and throttles VPN-shaped flows, but it does not do GFW-grade active probing, so a clean TLS-mimicking or obfuscated-WG transport sails through. AmneziaWG in particular is popular precisely because it resurrects WireGuard where the unmodified protocol is throttled.
- Iran: Reality, Hysteria2 and ShadowTLS perform best. Iran leans on SNI filtering and protocol blocking, so a transport whose visible SNI and handshake belong to a real, unblocked foreign site (Reality, ShadowTLS) avoids the trigger; Hysteria2's loss-tolerant Brutal control also rides out Iran's deliberately degraded links well. The hard part in Iran is the total shutdown windows, which no protocol defeats.
- China: the field narrows hard to Tier S - Reality and ShadowTLS - because only authentic-TLS-to-a-real-site survives both passive fully-encrypted-traffic detection and active probing. Bare Shadowsocks-2022 and obfs4 are flagged by the entropy detector; QUIC transports face UDP throttling and QUIC-specific filtering. If your audience includes China, design around Reality first.
The throughline: against a sophisticated censor, impersonating a real website beats hiding. Randomized, high-entropy "looks like nothing" traffic (obfs4, raw Shadowsocks) is now a detectable category in itself; "looks like a genuine TLS 1.3 / HTTP-3 session to an ordinary site" (Reality, ShadowTLS, Hysteria2) is what survives.
The self-host implication: the protocol is only half the answer
Every protocol in Tier S and A assumes one thing the marketing rarely states: a clean, unflagged IP that you control end to end. The most sophisticated Reality config in the world fails the moment its IP is on a censor's blocklist, because the blocklist is checked before any handshake analysis. Two practical consequences follow.
1. Commercial VPN shared IPs are a liability under aggressive censorship. A big consumer VPN advertises a handful of IP ranges to millions of users; censors enumerate and block those ranges wholesale, regardless of how good the underlying protocol is. Self-hosting on your own VPS gives you an IP that no public list points at - the single biggest reason self-hosted Reality outlasts commercial apps in Russia, Iran and China.
2. You need root, a fresh IP, and a provider that will not fold under a disclosure request. Reality, ShadowTLS, Hysteria2 and the rest all want full control of port 443/UDP 443, the ability to run the server binary, and a firewall you configure. A locked-down managed host cannot do this. An offshore VPS with full root and a clean IP can, and an offshore jurisdiction reduces the chance the IP-owner cooperates with the censoring state. For a single private endpoint a small VPS is enough - 1 vCPU and 512 MB RAM runs Reality or Hysteria2 comfortably, and our offshore VPS plans start at $19.99/mo. For many concurrent users, heavy Hysteria2 throughput, or running several transports at once for redundancy, an offshore dedicated server gives the headroom and a dedicated IP nobody else can get flagged.
The resilient 2026 setup is therefore not a single protocol but a layered one: a primary Tier-S transport (Reality or ShadowTLS) for the hardest networks, a QUIC transport (Hysteria2) for speed where UDP is open, an obfuscated-WG or Shadowsocks fallback - all on a clean offshore IP you own. sing-box runs several of these from one binary on one VPS, so the cost of redundancy is one server, not several.