Over the last few days I've been building USTPS (UDP Speedy Transmission Protocol Secure), an experimental encrypted transport protocol built on top of UDP.
The primary goal of USTPS is low-latency video streaming. A server can take a video source and expose it through a USTPS endpoint, while Linux and Android (Termux) clients receive the stream and expose it locally to applications such as VLC, mpv, and FFmpeg.
Although streaming is the main focus, USTPS is not limited to media delivery. It can also be used for other reliable encrypted UDP-based applications, which is why I built USSH on top of it.
Some of the main design differences compared to TCP-based transports are:
- USTPS is reliable but unordered.
- If packet N is lost, later packets can still be accepted and processed immediately.
- Missing packets are recovered through selective retransmission.
- Ordering is handled by the application layer when needed.
This means the transport layer itself does not introduce Head-of-Line Blocking. The tradeoff is that applications which require ordering must implement reordering themselves. I consider this a reasonable tradeoff because it avoids forcing every application to pay the cost of transport-level ordering.
For media player compatibility, the default USTPS client creates a local TCP endpoint at 127.0.0.1:1238.
The client maintains a small reordering buffer (350 ms by default) to give retransmissions time to arrive before forwarding data to the local TCP stream. This allows existing software such as VLC, mpv, and FFmpeg to work without modification.
USTPS currently provides:
- Reliable delivery using ACKs and selective retransmissions
- X25519 key exchange
- AEAD encryption (AES-GCM and ChaCha20-Poly1305)
- Optional unordered live output mode
- Stream position metadata
- Multi-client support
- Local TCP compatibility output
- No congestion control (currently intentional)
While developing USTPS, I also built USSH, an SSH-like remote shell running entirely over USTPS.
USSH uses the same unordered transport underneath, but the client reconstructs and orders terminal data before presenting it to the user. This prevents terminal corruption while still allowing the transport layer itself to remain unordered.
USSH includes:
- Interactive terminal sessions
- PTY support
- Password authentication
- Host key verification (TOFU)
- End-to-end encrypted communication through USTPS
I'm currently using USSH from my Android phone through Termux to manage my VPS.
The project is very young (less than a week old) and is primarily experimental and educational. I'm interested in feedback from people working on transport protocols, streaming systems, SSH implementations, QUIC, SCTP, and networking software.
USTP-Secure: https://github.com/x1colegal/USTP-Secure
USSH: https://github.com/x1colegal/USSH
Internet-Drafts:
USTPS Draft: https://datatracker.ietf.org/doc/draft-x1co-ustps/
USSH Draft: https://datatracker.ietf.org/doc/draft-x1co-ussh/
Questions, criticism, and suggestions are welcome.
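A sketch of the client-side reordering buffer described in the post, added here as an illustration and not taken from the USTPS code base. The class name, the `max_packets` cap, sequence numbers starting at 0, and the choice to skip a gap once the 350 ms window expires are all assumptions.

```python
import heapq

HOLD_MS = 350  # default reordering window stated in the post

class ReorderBuffer:
    """Hold out-of-order packets for up to hold_ms, then release them in order."""

    def __init__(self, hold_ms=HOLD_MS, max_packets=4096):
        self.hold_ms = hold_ms
        self.max_packets = max_packets  # assumed cap: bounds memory per peer
        self.next_seq = 0               # assumed: sequence numbers start at 0
        self.heap = []                  # entries are (seq, arrival_ms, payload)
        self.seen = set()               # sequence numbers currently buffered

    def push(self, seq, payload, now_ms):
        """Buffer one packet; False means it was dropped (late, duplicate, or full)."""
        if seq < self.next_seq or seq in self.seen:
            return False
        if len(self.heap) >= self.max_packets:
            return False
        self.seen.add(seq)
        heapq.heappush(self.heap, (seq, now_ms, payload))
        return True

    def pop_ready(self, now_ms):
        """Return bytes that may now be written to the local TCP stream."""
        out = []
        while self.heap:
            seq, arrived, payload = self.heap[0]
            if seq != self.next_seq and now_ms - arrived < self.hold_ms:
                break  # gap ahead of this packet; a retransmission may still arrive
            heapq.heappop(self.heap)
            self.seen.discard(seq)
            self.next_seq = seq + 1  # on timeout this skips the missing packets
            out.append(payload)
        return b"".join(out)

def demo():
    """Constructed trace: seq 1 arrives late via retransmission, seq 4 never arrives."""
    trace = [(0, 0, b"A"), (10, 2, b"C"), (20, 3, b"D"),
             (120, 1, b"B"), (130, 5, b"F"), (140, 1, b"B")]
    rb, stream = ReorderBuffer(), b""
    for now_ms, seq, payload in trace:
        rb.push(seq, payload, now_ms)
        stream += rb.pop_ready(now_ms)
    stream += rb.pop_ready(130 + HOLD_MS)  # window for seq 5 expires, gap at 4 skipped
    return stream
```

The cap and the duplicate check matter because the buffer is fed from the network: without them a peer that withholds one packet or replays old ones controls how much the client holds in memory.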
mlhpdx•1h ago
https://github.com/proxylity/raptor