To Tor or not to Tor?

rysiek rysiek at
Wed Mar 26 02:47:52 PDT 2014

Dnia wtorek, 25 marca 2014 18:49:10 coderman pisze:
> correct, an IP alone insufficient to impersonate a Tor node.  you
> would also need key material.

Ok, I was not being very clear what I meant.

I meant a situation in which the NSA can listen-in on any connection in the 
clearnet, including connections between Tor nodes. They *can't* break the 
encryption nor do they have the keys...

...*But* (esp. if most of these nodes are in the US) they *can* observe that 
in sequence there are packets being sent between IP1, IP2, IP3 and IP4, and 
that these packets get smaller at each step, in a way that is coherent with 
removing layers of Tor encryption.

What they can get from that is information; IP1 is communicating via Tor with 

So now they know whom to target with QUANTUM when they'd be using clearnet for 

Tor encryption gets less relevant if NSA gets access to the endpoints via 
other means, and for that they need to know whom to target. Observing packets 
flying between Tor nodes can give them that info -- at least that's a 
suggestion somebody made elsewhere.

So my question is, does that make sense? Is that a viable threat?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the cypherpunks mailing list