Especially when crypto is involved. Given the large number of completely broken cryptosystems, making this open source will give it a fighting chance to not be entirely broken.
Anything that handles critical data and sends it encrypted to third parties needs to be open source in this day and age or wont be used by people who take their data serious. Actually it doesn't even need to be sent to third parties to hit the open source requirement. Having crypto involved like you said is reason enough.