The NSA Can Read Some Encrypted Tor Traffic


Security expert Robert Graham has done a bit of research and posts that the encryption standard used by earlier versions of the “secure” Tor protocol is most probably insecure and readable by the NSA. The vast majority of Tor servers run version 2.2 of the software, which uses 1024-bit RSA/DH encryption. This is the same encryption standard that has been publicly cracked by the NSA and can be subverted in a few hours using very expensive custom chips.

What does this mean for you? Not much unless you value anonymity. Tor offers anonymous browsing, a feature important to activists, reporters, freedom fighters, and other folks who need to browse out of the limelight. That said, the fact that, in its most popular incarnation, its encryption can be (fairly) easily broken is bad. Couple this with the fact that this same standard is used in many SSL “secure”…
