Tor is an anonymizer. Why would embassies use an anonymizer for communicating back home? Everyone knows they’ll be communicating with home. There’s no point in hiding that. What you want to hide is the content of that communication, which Tor doesn’t do very well. You do that with standard encryption tools.
So you're claiming that using a VPN makes correlation attacks impossible? Do you have any sources on this? I'd love to read up to better understand your thinking.
Correlation attacks are attacing anonymity. If you are an embassy, there is no need for anonymity. Ok, an embassy connected to vpn.whitehouse.gov and sent 20 gb of data, so what?
(unless you are thinking about high level things, like "lots of traffic" -> "something going on", but tor won't help with that either)
I feel like if I were a network operator for something that sensitive I might send some bursts of traffic to nothing just to keep anyone trying to infer "lots of traffic" → "something going on" on their toes.
(Though certainly things like packet timing, packet size, etc. might make more thorough analyses harder to escape…)
I'm now imagining a significant portion of some small country in politically sensitive area's external internet bandwidth being composed entirely of vpn encrypted email with attached Word docs and Powerpoint decks full of "This page left intentionally blank" sent from embassies back to their respective motherships...
Yes, it's good practice for an embassy to use a VPN to their home country for 100% of incoming and outgoing traffic (at least that's how I would do it).
Yes, if you are an embassy, you can be pretty sure that the host country is watching all of your traffic very carefully. Having all the traffic go via VPN is just sanity.
(and for really secure stuff you will want a channel with constant rate, constant size packets, as others said)
