Also I forgot to mention that even if they cannot break the encryption of Tor it does not matter as far as deanonymizing people goes. In quite a few cases you can even use traffic analysis to see what data someone is transmitting even if it is an encrypted transmission. One thing is for sure, directly breaking encryption is almost always the hardest way to obtain the plaintext version of a ciphertext.