diff --git a/lua/zapret-tests.lua b/lua/zapret-tests.lua
index a5f7e88..ea4d32e 100644
--- a/lua/zapret-tests.lua
+++ b/lua/zapret-tests.lua
@@ -211,13 +211,13 @@ function test_aes_ctr()
 test_assert(decrypted==clear_text)
 print("* decrypting with bad key")
- decrypted = aes_ctr(bu8(u8(string.sub(key,1,1))+1)..string.sub(key,2), iv, encrypted)
+ decrypted = aes_ctr(bu8(bitand(u8(string.sub(key,1,1))+1,0xFF))..string.sub(key,2), iv, encrypted)
 print("decrypted: "..str_or_hex(decrypted))
 print( decrypted==clear_text and "DECRYPT OK" or "DECRYPT ERROR" )
 test_assert(decrypted~=clear_text)
 print("* decrypting with bad iv")
- decrypted = aes_ctr(key, bu8(u8(string.sub(iv,1,1))+1)..string.sub(iv,2), encrypted)
+ decrypted = aes_ctr(key, bu8(bitand(u8(string.sub(iv,1,1))+1,0xFF))..string.sub(iv,2), encrypted)
 print("decrypted: "..str_or_hex(decrypted))
 print( decrypted==clear_text and "DECRYPT OK" or "DECRYPT ERROR" )
 test_assert(decrypted~=clear_text)
diff --git a/nfq2/lua.c b/nfq2/lua.c
index 3ab34d6..9ce2c57 100644
--- a/nfq2/lua.c
+++ b/nfq2/lua.c
@@ -411,7 +411,6 @@ static int luacall_aes(lua_State *L)
 if (input_len!=16) luaL_error(L, "aes: wrong data length %u. should be 16.", (unsigned)input_len);
- aes_init_keygen_tables();
 aes_context ctx;
 uint8_t output[16];
 if (aes_setkey(&ctx, bEncrypt, key, key_len) || aes_cipher(&ctx, input, output))
diff --git a/nfq2/nfqws.c b/nfq2/nfqws.c
index 269712c..940fd1a 100644
--- a/nfq2/nfqws.c
+++ b/nfq2/nfqws.c
@@ -12,6 +12,7 @@
 #include "gzip.h"
 #include "pools.h"
 #include "lua.h"
+#include "crypto/aes.h"
 #include
 #include
@@ -1678,6 +1679,7 @@ int main(int argc, char **argv)
 {
 if (argc < 2) exithelp();
+ aes_init_keygen_tables(); // required for aes
 set_console_io_buffering();
 set_env_exedir(argv[0]);
diff --git a/nfq2/protocol.c b/nfq2/protocol.c
index a80a119..d9d314e 100644
--- a/nfq2/protocol.c
+++ b/nfq2/protocol.c
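Review bot: The comment on the new `aes_init_keygen_tables();` call in main() of nfq2/nfqws.c (`// required for aes`) does not say that this is now the only initialisation point. The same commit removes the call from luacall_aes and QUICDecryptInitial, and the rewritten IsMTProto calls aes_setkey directly, so any AES use that runs before this line, or from a binary that does not go through this main(), would presumably work on unbuilt key-schedule tables; whether aes_setkey detects that is not visible here. I would spell the contract out, e.g. `// one-time AES table init: luacall_aes, QUICDecryptInitial and IsMTProto rely on it and no longer call it themselves`. main()'s body continues outside the hunk.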
@@ -1151,8 +1151,6 @@ bool QUICDecryptInitial(const uint8_t *data, size_t data_len, uint8_t *clean, si
 pn_offset += tvb_get_varint(data + pn_offset, &payload_len);
 if (payload_len<20 || (pn_offset + payload_len)>data_len) return false;
- aes_init_keygen_tables();
-
 uint8_t sample_enc[16];
 aes_context ctx;
 if (aes_setkey(&ctx, 1, aeshp, sizeof(aeshp)) || aes_cipher(&ctx, data + pn_offset + 4, sample_enc)) return false;
@@ -1390,13 +1388,29 @@ bool IsStunBindingRequest(const uint8_t *data, size_t len)
 ntohl(*(uint32_t*)(&data[4]))==0x2112A442 && // magic cookie
 ntohs(*(uint16_t*)(&data[2]))==len-20;
 }
+#if defined(__GNUC__) && !defined(__llvm__)
+__attribute__((optimize ("no-strict-aliasing")))
+#endif
 bool IsMTProto(const uint8_t *data, size_t len)
 {
 if (len>=64)
 {
+/*
 uint8_t decrypt[64];
 aes_ctr_crypt(data+8, 32, data+40, data, 64, decrypt);
 return !memcmp(decrypt+56,"\xEF\xEF\xEF\xEF",4);
+*/
+ // this way requires only one AES instead of 4
+ uint8_t decrypt[16], iv[16];
+ aes_context ctx;
+
+ memcpy(iv, data+40, 16);
+ ctr_add(iv,3);
+ if (!aes_setkey(&ctx, AES_ENCRYPT, data+8, 32) && !aes_cipher(&ctx, iv, decrypt))
+ {
+ *((uint64_t*)(decrypt+8)) ^= *((uint64_t*)(data+56));
+ return !memcmp(decrypt+8,"\xEF\xEF\xEF\xEF",4);
+ }
 }
 return false;
 }
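Review bot: The new `*((uint64_t*)(decrypt+8)) ^= *((uint64_t*)(data+56));` in IsMTProto reads packet bytes through a `uint64_t*` cast that drops `const` and assumes 8-byte alignment, which a pointer into a received packet does not guarantee; on strict-alignment targets that may fault on untrusted traffic. The `no-strict-aliasing` attribute added above the function is applied only for GCC (`!defined(__llvm__)`), so the aliasing violation stays undefined under clang. Only four bytes are compared afterwards, so the wide XOR can be replaced by `uint32_t ks, ct;`, `memcpy(&ks, decrypt+8, 4); memcpy(&ct, data+56, 4);` and `return (ks ^ ct) == 0xEFEFEFEFu;`, which needs neither the casts nor the attribute. The old implementation left inside `/* … */` would be better removed than kept as dead code.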