But now since you only observed 1000 exit nodes making traffic and you know node A was used by Joe, you only have to search 5999*1000 = 5,999,0000 possible paths from C observed to B possible middle nodes. So you only need to do 6 million delta t travel time comparisons.

| dt_model - dt_observed | where dt_model is from the lookup table of values containing node A and C, and dt_observed are the actual calculated dt values from Joe's first connection to the first output burst at those 1000 exit nodes.

And this is why you want two things :
1. Intractable amount of possible paths.
2. Entire path not under a single surveillance grid.

Which can be achieved by. 1. Making the path length longer than 3 hops. 2. Chosing each node far away from each other outside of the supervision and jurisdiction of a single monitoring authority.

US relays 6676/8 = 834.5 ~ 835
US Exits 908/5 = 181.6~182

So if all 3 nodes in your path stay in the United States, you have 835 C2 * 182 possible paths. this is 63,371,490 or 64 million. If you are under surveillance as mentioned then only 835*182 = 151,970 possible paths need to be investigated. This is now an extremely tractable problem.

150,000 dt_model constructed by sending ping packets through all 64 million 3 node USA only paths.