According to recent documents provided by Edward Snowden and published by The Guardian, The National Security Agency has been trying to crack the online Net-Privacy tool Tor. Tor — originally TOR, or “The Onion Router” — was first developed by the US Naval Research Laboratory and is currently funded in part by the US State Department and Department of Defense.
In essence, Tor facilitates anonymous Web surfing, forum posting, instant messaging, and other Internet communication by wrapping signals in layers of encryption and then sending them on an unpredictable path through a network of routers. Each router peels off one “skin” of encryption to send the signal along, but no one router has access to all the details — thus the signal can’t be traced back to its sender. In layman’s terms, think of how a terror cell works. Until an operation is underway, members of the cell are unaware of who the other members are, so even if someone gets busted, it’s very unlikely that the entire operation will be derailed.
US government funding is involved under the pretext of helping Internet users in countries which stringently monitor and regulate internet usage such as China. The thought is to facilitate access to restricted sites and enable communication about prohibited subjects without fear of reprisal. It might even be used, the Tor Project site says, “for socially sensitive communication: chat rooms and Web forums for rape and abuse survivors, or people with illnesses.” Law enforcement agencies say Tor is also used by terrorists, drug dealers, and child pornographers.
According to the latest secret intelligence documents drawn from the cache leaked by Edward Snowden and published by the UK’s Guardian newspaper, Tor is allegedly popular with dissidents in oppressive countries, as well as terrorists. While the NSA hasn’t accomplished an outright crack, they have been able to “de-anonymize a very small fraction of Tor users,” per an internal NSA document quoted by the Guardian.
According to an article in the New York Times last month, the NSA has sidestepped common Net encryption methods in a number of ways. These include stealing encryption keys by hacking into private servers, collaborating with tech companies to pre-build back doors, and covertly introducing weaknesses into encryption standards.