Protocol comparison

Hello there, and thanks for this awesome project!

While sing-box implements a huge variety of protocols to circumvent censorship, the question remains: which protocol currently is the most reliable to bypass censorship?

From my own research, I think the summary is:

  • Shadowsocks – the first and oldest one, pretty simple to deploy and use, but easily detectable by country firewalls.
  • Vmess – the first iteration of V2Ray family protocols, improving upon Shadowsocks legacy. Since 2020, considered not safe.
  • VLESS – the second iteration of V2Ray protocols, which only implements authentication, while XTLS is the encryption part. On the reddit and other places, many recommend deploying VLESS+XTLS-Vision which is considered the most reliable (citation needed).
  • Naive/Hysteria – unfortunately, couldn’t find much information about these…
  • ShadowTLS/Trojan – the most recent and (based on this paper – ) the most sophisticated protocols. ShadowTLS is basically an extension to Shadowsocks, which is a huge plus for deployment. IMHO, this is the current king to bypass censorship.

If anyone could write-up a detailed comparison between feature set and overhead/speed between all these protocols, I would be much appreciated.

1 Like

Oh, and one more thing: can someone help me understand the differences between XTLS-Reality and ShadowTLS? It appears they are solving the same problem, just for a different protocols (VLESS and ShadowSocks).

There is no difference on the goal or ShadowTLS/XTLS-Reality other than differece which come from Trojan/Vless.
A advantage of difference is good for fooling censorship mans because trojan and vless make a little difference for dialing/connecting but the traffic looks same.