| Parallel Construction. it would be a national security catastrophe if it leaked that NSA was bulk decrypting all TLS/SSL traffic Internet-wide, by using a giant rainbow table of prime pair products for instant decryption without factoring, which was first proposed by Rabin back in 1997 at a NIST working group for establishing crypto standards. then NSA would lose the biggest SIGINT advantage since ENIGMA back in WW2. so instead, DEA is tasked with finding the dummies who post photos of their hands or bookshelves or who made n00b opsec mistakes like re-using handles or email accounts that connect to their real names. then DEA applies Parallel Construction to fabricate an investigative evidence chain to present to the Court. the Court never needs to know the truth. by the way, i personally do believe NSA is doing this, and all of Tor is as good as plain text to Ft Meade, because Rabin's idea really would scale with today's computing and storage capacities, and because that is exactly what i would do too. just what do you think Bluffdale is really for? |
I love to talk about how we can mitigate attacks on cryptography as much as the next person, but have you looked at what algorithms Tor uses?
While they have a bunch of alarming legacy 1024-bit RSA and DH stuff, they also have Ed25519 identities and Curve25519 ECDH key exchange, plus running everything over TLS with various ciphersuites -- many of which are now ECDH.
https://github.com/torproject/torspec/blob/master/tor-spec.t...
The type of handshake and key exchange is chosen by the client, and I think the default has been to prefer the ntor method for a long time.