AmneziaWG

AmneziaWG is a fork of [WireGuard-Go], inheriting the architectural simplicity and high performance of the original implementation, but eliminating the identifiable network signatures that make WireGuard easily detectable by Deep Packet Inspection (DPI) systems.

Version 1.5 takes obfuscation to the next level: traffic can now be disguised as common UDP protocols (such as QUIC, DNS, etc.), making it indistinguishable from regular internet traffic.

The predecessor of AmneziaWG, WireGuard, has established itself as a fast and reliable VPN protocol thanks to its compact codebase and high efficiency. However, its fixed packet headers and predictable packet sizes create an easily recognizable signature. DPI systems can effortlessly identify these packets and immediately terminate connections—a critical issue in countries with strict internet censorship.

AmneziaWG 1.5 addresses this issue through multi-level obfuscation at the transport layer: it modifies packet headers, randomizes handshake message sizes, and allows traffic to be disguised as popular UDP protocols. At the same time, the fundamental cryptographic core of WireGuard remains unchanged, preserving its performance and security.

---

Key Advantages

• Invisibility to DPI — dynamic headers and randomized packet sizes.
• Protocol Masking — mimics QUIC, DNS, SIP, and other UDP protocols.
• High Performance — operates as a Linux kernel module, with encryption using the single-pass AEAD algorithm ChaCha20-Poly1305 optimized with SIMD, identical to WireGuard.
• Energy Efficiency — Go-based implementation running in user space without heavy cryptography, making it suitable for mobile devices and routers.
• Cross-platform Support — compatible with all major operating systems.
• UDP Transport — all traffic transmitted over UDP, simplifying circumvention of censorship and reducing latency.
• Ease of Configuration — simply specify the signature of the masking protocol; remaining parameters are filled automatically.
• Backward Compatibility — when masking mechanisms are disabled, the client is fully compatible with standard WireGuard.

---

How It Works

Below is a step-by-step explanation of how AmneziaWG 1.5 transforms classic WireGuard traffic into an indistinguishable stream of UDP packets.

1. Dynamic Headers for All Packet Types

   During tunnel initialization, the library generates a set of random constants applied to each of the four WireGuard packet formats: Init, Response, Data и Under‑Load. These constants:

   • Replace predictable WireGuard packet identifiers;
   • Shift offsets of Version/Type fields;
   • Modify reserved bits.

   As a result, no two clients have identical headers, making it impossible to write a universal DPI rule.

2. Handshake Length Randomization

   In WireGuard, the Init packet is exactly 148 bytes, and the Response packet is exactly 92 bytes. AmneziaWG adds pseudorandom prefixes S1 and S2 (0–64 bytes by default):

   len(init) = 148 + S1
   len(resp) = 92  + S2 

   Offsets of the remaining fields are automatically adjusted, and MAC tags are recalculated accordingly.

3. Obfuscation Packets I1–I5 (Signature Chain) и CPS (Custom Protocol Signature)

   Before initiating a "special" handshake (every 120 seconds), the client may send up to five different UDP packets fully described by the user in the CPS format. The primary packet—I1—contains a hex snapshot of an actual protocol (e.g., a QUIC Initial handshake), which can also be randomized. The remaining packets, I2–I5, increase entropy through counters, timestamps, and random data.

   We named this format CPS — Custom Protocol Signature:

   i{n} = <tag1><tag2><tag3>...<tagN>

   Tag Types

   Tag	Format	Description	Constraints
   b	<b hex_data>	Static bytes to emulate protocols	Arbitrary length
   c	<c>	Packet counter (32-bit, network byte order)	Unique within the sequence
   t	<t>	Unix timestamp (32-bit, network byte order)	Unique within the sequence
   r	<r length>	Cryptographically secure random bytes	length ≤ 1000

   Example of a CPS packet

   i1 = <b 0xf6ab3267fa><c><b 0xf6ab><t><r 10>

   Important: If the parameter I1 is missing, the entire chain (I2–I5) is skipped, and AmneziaWG behaves as AmneziaWG 1.0, simplifying compatibility.

4. Junk‑train (Jc)

   Immediately following the sequence of I-packets, a series Jc of pseudorandom packets with lengths varying between Jmin and Jmax is sent. These packets blur the timing and size profile of the session start, significantly complicating handshake detection.

5. Under‑Load Packet

   In WireGuard, a special keep-alive packet (“Under-Load”) is used to bypass NAT timeouts. AmneziaWG replaces its fixed header with a randomized one, the value of which can be set manually via GUI. This prevents DPI from filtering short ping packets, ensuring stable tunnel connections, especially on mobile networks.

6. UDP Transport with Unmodified Encryption

   At the cryptographic layer, AmneziaWG remains identical to WireGuard, using Curve25519, ChaCha20‑Poly1305, and bidirectional key rotation. Obfuscation operates strictly at the transport layer, leaving the payload fully compatible with the original WireGuard protocol. AmneziaWG modifies only the packet headers.

   Summary: DPI sees only a randomized sequence of UDP packets with unpredictable headers, a blurred handshake, and unique per-user signatures. Meanwhile, the tunnel’s speed and reliability remain virtually indistinguishable from WireGuard.

---

Configuration Parameters

Parameter	Range	Description
I1-I5	arbitrary hex‑blob	Signature packets for protocol imitation
S1, S2	0-64 байта	Random prefixes for Init/Response packets
Jc	0-10	Number of junk packets following I1‑I5
Jmin, Jmax	64-1024 байта	Size range for random junk packets

With all parameters set to zero, behavior defaults to standard WireGuard—facilitating a smooth migration.

---

Security

AmneziaWG 1.5 does not alter WireGuard’s cryptography, thus inheriting its proven security (the Noise_IK key-exchange protocol with Curve25519 and AEAD ChaCha20-Poly1305). Obfuscation fields are authenticated using the same MAC tags as the primary headers.

Security Audit: Since the cryptographic core remains unchanged, all existing security analyses of WireGuard remain applicable.

---

Next Steps

Detailed deployment and configuration instructions:

• Using the AmneziaWG 1.5 Protocol on Self-hosted Servers

---

Additional Resources

• AmneziaWG Main Repository
• AmneziaWG Tools
• Android GUI for AmneziaWG
• Embeddable AmneziaWG Tunnel Library
• AmneziaWG for iOS and macOS

Native AmneziaWG Clients

Configurations can be used not only within AmneziaVPN but also with specialized clients:

• Android (Google Play)
• iOS (App Store)
• Windows (GitHub)

Installation of AmneziaWG via the console

• Installing AmneziaWG and other necessary utilities on a VDS server
• Installing AmneziaWG on an Android device
• Installing AmneziaWG on an OpenWRT device