MASQUE

Tunneling Protocol Over QUIC - Secure Tunneling Protocol

Encryption

Full traffic encryption over QUIC

Proxy

Transparent traffic proxying

Standard

IETF standardized protocol

What is MASQUE?

MASQUE (Multiplexed Application Substrate over QUIC Encryption) is a tunneling protocol developed by IETF that allows proxy servers to tunnel various applications through QUIC with full encryption and multiplexing. The protocol provides secure proxying of HTTP, DNS, and other protocols through a single QUIC connection.

MASQUE addresses issues with traditional VPN and proxy solutions by providing a more secure, fast, and flexible solution for traffic protection and redirection. The protocol leverages QUIC advantages such as built-in encryption, stream multiplexing, and resistance to blocking, making it ideal for modern cloud and mobile applications.

Standards:

MASQUE (Multiplexed Application Substrate over QUIC Encryption) is standardized by IETF. RFC 9298 "Proxying IP in HTTP" defines IP traffic tunneling through HTTP/3 (QUIC). Additional extensions are described in RFC 9000 (QUIC).

RFC 9298 (IP Proxying) RFC 9000 (QUIC)

Key Benefits:

Complete data encryption
Stream multiplexing
Built-in QoS control
Scalability

Technical Specs

Standard

RFC 9298 (IETF)

View Standard

Based On

QUIC

Encryption

QUIC Encryption

Applications

VPN, Proxy, Tunneling

MASQUE Tunneling Solutions

MASQUE Tunneling Solutions

Protocol Comparison & Performance Metrics

Data Source: MASQUE Specification, VPN Benchmarks

Last Updated: November 2024

Network Condition

Standard conditions

MASQUE (Multiplexed Application Substrate over QUIC Encryption) offers superior performance for modern tunneling needs

MASQUE Advantages

  • Minimal processing overhead (2% vs 12% OpenVPN)
  • Fast connection setup (35ms vs 150ms OpenVPN)
  • Built-in TLS 1.3 encryption
  • Full multiplexing support (95%)

Ideal Use Cases

  • VPN applications requiring low latency
  • Mobile and satellite networks
  • Video and audio streaming
  • Microservices architecture

Note:

  • Processing metrics based on standard 2024 hardware
  • Encryption (100 = maximum security), MASQUE uses TLS 1.3 standard
  • Multiplexing enables parallel streams within single connection
  • MASQUE is particularly effective in unstable network conditions

Our MASQUE Research

Protocol Optimization

Research and optimization of MASQUE tunneling performance

Learn More →

CloudBridge Relay

MASQUE implementation in CloudBridge Relay for secure tunneling

Open Source →

Researching MASQUE

Researching MASQUE protocol applications for secure tunneling and proxying

Research Contact