A chosen plaintext attack is a form of cryptanalysis that, at least in public knowledge, does not work on any modern encryption system. An attack like that being shown to work on TLS would immediately be cause for a move away from 1.3.
> . If you use some sort of generic tunneling protocol like TLS/OpenVPN to access public internet, then it is possible to fingerprint your traffic for different websites with about 90% accuracy.
Fingerprinting connections based on bandwidth/connection timing has been postulated but I haven't seen any proof that such attacks are practical. Where are you getting this information? 90% accuracy under what circumstances? How many people are connecting through the tap to this hypothetical VPN? How much traffic do you have to analyze before getting this 90% accuracy? How many bits of information can be gathered through these correlative tap in tap out procedures?
Hypothetically the NSA could tap the entire internet and use correlation attacks to deanonymize any connection, given a long enough time. I find it hard to believe that these attacks provide them that many bits, though, because darknet markets are still a thing and people still get away with massive amounts of cybercrime.