On Mon, Apr 6, 2015 at 10:03 AM, Alexis Wattel
https://cpunks.org//pipermail/cypherpunks/2015-April/007186.html
traffic analysis/correlation is not part of their threat model. The problem is that it is nowadays a definitely proven capability of adversaries.
They say that randomized wait times at each relay would make the traffic too slow.
The delay parameters must be specified before using words like "too slow[ed]" to describe the relative impacts to the full path. Further, relevance to chosen application must be considered. Some users do realtime HS2HS text/voice/video over it.
The other solution, randomized length of packets with dummy padding discarded at each relay would impact even less on responsiveness.
Using a fixed length cell network and keeping links otherwise full of chaff of said length is interesting defense to GPA correlation attack. Random length cells, even if some cars are removed, still form a uniquely identifiable train (particularly at entry/exit). Thus not useful.
deliberate desire of keeping Tor at government's reach
[queue usual comments on funding, centralized dirauths, TCP only, etc] It's opensource, fork it.