Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] 49 Page NSA analysis of Tor

Andy Isaacson adi at
Sat Oct 5 00:17:11 PDT 2013

On Fri, Oct 04, 2013 at 02:05:23PM -0700, d.nix wrote:
> Just published by Bart Gellman (Thanks Bart!):

This is the output of a student Summer Program project, as advertised

    Cryptanalysis and Exploitation Services Summer Program (CES SP)
    (formerly MSEP)

    The Cryptanalysis and Exploitation Services Summer Program (CES SP)
    is open to undergraduate students majoring in mathematics, computer
    science, or a major with a strong background in math and computer

Here's one interesting story about a summer program invitation:

The 2006 CES SP Tor paper is pretty superficial; they make several
claims that don't bear up under the slightest analysis ("we might be
able to MITM a Tor node because the certificates are self-signed") and
don't seem to have developed any significant analysis or attacks on the

This document doesn't give much insight into capabilities the IC has
developed against Tor.  It's apparently quite common to run multiple
research teams (either known or unknown to each other) against a single
target, and a few summer students with a dozen lab machines is a pretty
small investment.  I'd expect there are other programs with more
sophisticated attacks, especially now 7 years later.

In fact the most enlightening fact about this paper might be that the
NSA thought Tor was worth attacking *at all* in 2006.

I wonder if has any referer logs from 2006 showing inbound
traffic from http://wiki.gchq/ or similar.


More information about the liberationtech mailing list