To Tor or not to Tor?

coderman coderman at
Wed Mar 26 17:01:45 PDT 2014

On Wed, Mar 26, 2014 at 2:47 AM, rysiek <rysiek at> wrote:
> ...
> I meant a situation in which the NSA can listen-in on any connection in the
> clearnet, including connections between Tor nodes.

ok. this is sounding like classic traffic analysis (on the "metadata"
rather than the content, so to speak).

> They *can't* break the
> encryption nor do they have the keys...


> ...*But* (esp. if most of these nodes are in the US) they *can* observe that
> in sequence there are packets being sent between IP1, IP2, IP3 and IP4, and
> that these packets get smaller at each step, in a way that is coherent with
> removing layers of Tor encryption.

Tor cells use padding, but this alone is not sufficient to defeat
traffic analysis.

> What they can get from that is information; IP1 is communicating via Tor with
> IP4.
> So now they know whom to target with QUANTUM when they'd be using clearnet for
> something.

this is why i am fond of everything dark!
namecoin to hidden services,
  no DNS, no plaintext.

(not entirely defeating QUATUMTHEORY, but much of it!)

> Tor encryption gets less relevant if NSA gets access to the endpoints via
> other means, and for that they need to know whom to target. Observing packets
> flying between Tor nodes can give them that info -- at least that's a
> suggestion somebody made elsewhere.

the anonymity set is large, but maybe that isn't sufficient.

this is exactly the same argument for or against zero knowledge mixes.
sure, they offer stronger protection from traffic analysis, but the
anonymity set of users is tiny, making that theoretical hardness
useless in practical terms.

> So my question is, does that make sense? Is that a viable threat?

depending on where you stand, and what network you egress, it may make
absolutely perfect sense - Tor use alone drawing scrutiny that draws

from my personal experience, _not_ in places where Tor use alone is
suspect, it has been a essential tool.

if you're concerned about NSA/TAO/SSO then you're speaking of two
broad domains of concern:

1. pervasive, passive global intercept - this is where Tor and
encryption come in.  you've just made it harder, and turned something
global and passive ineffective, pushing activity toward:

2. tailored access - the black bag jobs, weaponized exploits, HUMINT
attacks, etc.  if you've pushed your adversary to these means, you've
achieved a COMSEC and symbolic victory.

you don't defend against #2, you just fail less quickly...[0]

0.  there are exceptions.  these are left an exercise for the reader :)

More information about the cypherpunks mailing list