They can just block everything by default and only enable what they can decrypt. Maybe you could try tunelling encrypted data over HTTP, but heuristics could probably pick that up too.
Well, in that case I'm just going to invent a TCP-over-cat-pictures VPN. Encode all the TCP packets in the subtle details of the fur and package everything up as innocent-looking HTTP GET requests.
This realistically shouldn't be too hard to do with obfsproxy's already-built framework.
I've been thinking about this lately, and it seems that you could use something like a book code. Client and server use existing internet accessible images as the book and then your communication simply references bytes in those images: client requests a URL that encodes the bytes it wants to send, server returns HTML containing the urls of images containing the bytes it wants to send in response (and any extra content that helps make the page seem normal, ignored by the client). Pictures could be anything anywhere (lolcats, wikipedia, etc.), client should only ever need to download the picture once. Bandwidth wouldn't be great, but if the server is accessible via a wide (and evolving) variety of domains it seems like it would be quite hard to distinguish this from normal browsing.
Just pass a DVD with white noise when you meet in person. That should keep you in one time pads as long as you want to communicate with someone. All you need is XOR and a bookmark. Of course you need to meet once, if that's not feasible you're going to get more technical.
In Vernor Vinge's A Fire Upon the Deep I recall a plot element along these lines. Traders traffic in cubes of material that acts as a super dense source of pad data. Your communication partner on another ship would have the twin cube, and the two would be synced up and then provide the carrier data stream for video and other content. When your cubestuff is exhausted your secure authenticated comms cease.
If the censorship is based on the government being able to make some sense of what you're communicating, XORing with a PSK will not work, because they will see meaningless garbage and block it. The reason I suggested cat pictures is because the censors will see actual cat pictures and (hopefully) consider the protocol not worthy of blocking.
Pretty easy really. Without knowing the key for the steganographic algorithm, it's really hard to get the data out unless you can compare it to the original. So if you're sourcing the pictures from somewhere, you'll need to manipulate false bits that aren't called for from the data itself to keep it from being breakable in such a manner.
If I had the free time, I'd create a cryptographic protocol running on top of telnet that looked like someone playing a MUD.
For email, you'd encrypt data to have it look like regular prose. So you'd only get a few bits per English word, but that would be sufficient for short messages. Could also make use of extra spaces in between words.
The real trick with that would be to take an existing document, and alter it to encode a message. So you'd be doing things like using synonym choice to get your bits.
Wait, isn't reddit already used for this extensively? With each subreddit being a separate comms channel.
Or is there another reason why very little reddit content makes sense?
This realistically shouldn't be too hard to do with obfsproxy's already-built framework.