I've thought about this too (and the BGP routing thing I hadn't heard,
but I was aware that ATT, et al. were being NSA-friendly by routing
international calls through US-based switches) -- but if they do it
for voice, they do it for data, since to AT&T, it's all really data
anyway.
So how about this as a proposed solution:
Rather than encrypt individual TCP streams, allow the TOR nodes (or at
least the intermediates) to do GRE or IPSEC, and then route multiple
streams (each themselves encrypted) inside a separately encrypted tunnel.
This would make it impossible (er...more difficult) for someone to
match traffic entering with traffic exiting (assuming sufficient
padding and whatnot to keep traffic fairly constant). Unless you can
pick a large "burst" out of the other chatter, you'd make it
significantly harder to trackback on an individual stream.
Sort of like a mesh-network of opportunistically created VPNs --
creating an encrypted "cloud". I think this is sort of what the
Freedom network tried to do commercially a few years ago. Another
advantage of this might be the ability to actually use BGP tables to
assist in routing, since at this point, you'd have created an
encrypted "overlay internet". Those tables could then be manipulated
with control traffic inside the cloud to deal with ensuring traffic is
routed through multiple countries (or around certain ones).
The other advantage of a GRE/IPsec approach would be the ability to
carry any type of traffic, not just TCP.
Thoughts?
Michael Holstein CISSP GCIA
Cleveland State University
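
The multiplexing-with-padding idea proposed above, as an added example that is not part of the original post: several streams share one tunnel that emits a fixed-size frame every tick, so an on-path observer sees the same sizes whether the streams are idle or bursting. The frame size, record header layout and all names are assumptions made for illustration, and the outer GRE/IPsec encryption that would hide the frame contents is left out.

```python
import struct

FRAME_SIZE = 64              # constructed value: bytes put on the link every tick
HDR = struct.Struct("!HH")   # inner record header: stream id (0 = padding), length

class TunnelMux:
    """Packs pending bytes from many streams into one fixed-size frame per tick."""
    def __init__(self):
        self.queues = {}     # stream id -> bytearray of unsent data
        self.rr = 0          # round-robin offset so no stream is always first

    def send(self, stream_id, data):
        if stream_id == 0:
            raise ValueError("stream id 0 is reserved for padding")
        self.queues.setdefault(stream_id, bytearray()).extend(data)

    def tick(self):
        frame, ids = bytearray(), sorted(self.queues)
        k = self.rr % len(ids) if ids else 0
        self.rr += 1
        for sid in ids[k:] + ids[:k]:
            room = FRAME_SIZE - len(frame) - HDR.size
            if room <= 0:
                break
            buf = self.queues[sid]
            if buf:
                chunk = bytes(buf[:room])
                del buf[:room]
                frame += HDR.pack(sid, len(chunk)) + chunk
        # Idle capacity becomes cover traffic, so every frame has the same size.
        return bytes(frame) + b"\x00" * (FRAME_SIZE - len(frame))

def demux(frame, out):
    """Far end of the tunnel: split one frame back into per-stream bytes."""
    off = 0
    while off + HDR.size <= len(frame):
        sid, n = HDR.unpack_from(frame, off)
        if sid == 0:         # padding reached
            break
        off += HDR.size
        out.setdefault(sid, bytearray()).extend(frame[off:off + n])
        off += n
    return out

def run_link(workload, ticks):
    """workload maps tick -> [(stream_id, data)]; returns (wire sizes, delivered)."""
    mux, sizes, delivered = TunnelMux(), [], {}
    for t in range(ticks):
        for sid, data in workload.get(t, []):
            mux.send(sid, data)
        frame = mux.tick()
        sizes.append(len(frame))   # all an on-path observer learns per tick
        demux(frame, delivered)
    return sizes, delivered
```

A burst larger than one frame is queued and spread over later ticks, so the cost of hiding it is added latency and constant bandwidth use rather than a visible spike.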