Security expert Robert Graham has done a bit of research and posts that the encryption standard used by earlier versions of the “secure” Tor protocol is most probably insecure and readable by the NSA. The vast majority of Tor servers run version 2.2 of the software which uses 1024 bit RSA/DH encryption. This is the same encryption standard that has been publicly cracked by the NSA and can be subverted in a few hours using very expensive custom chips.
What does this mean for you? Not much unless you value anonymity. Tor offers anonymous browsing, a feature important to activists, reporters, freedom fighters , and other folks who need to browse out of the limelight. That said, the fact that, in its most popular incarnation, its encryption can be (fairly) easily broken is bad. Couple this with the fact that this same standard is used in many SSL “secure” Internet interactions and things get worse. In short, writes Cory Doctorow, if the NSA can pull this off then we can be certain that other, less savory groups, have the same technology.
These tools are open source and can be salvaged. The current cipher used for Tor version 2.4 is far worse for the NSA than any 1024 bit key and it’s easier to encrypt methodically, Tor-style, than use brute force solutions to crack haphazardly, NSA style. We’re still winning, but it takes a village to keep encryption strong.