by philodeon 654 days ago
> and doing what they did with Dual-EC, where it was impossible (apparently) for people to reason about what NSA was up to.

Schneier was clearly able to reason about what NSA was up to, and told everyone in 2007 not to use Dual-EC, 6 years before the Snowden revelations.

I believe you have admitted that you thought that “Dual-EC has a backdoor” was a wild conspiracy theory until the Snowden revelations? Which makes the “impossible (apparently)” part a classic case of projection.

The (apparently) was a dunk on me.

(I thought nobody should use Dual EC! But that was my reason for thinking it wasn't an NSA backdoor, because it was too dumb to be one. I underestimated the industry's capacity for "dumb". Also: I was dumb! I am dumb a lot.)

And now you believe it’s impossible for any of the NIST PQC submissions to have been backdoored or weakened. I feel safer already. :D

NIST didn't design any of the PQC submissions. It did design Dual EC.

NIST didn’t design Dual-EC, NSA did. But NIST did the really hard work, which involved slapping their organization’s name on it, and not asking any inconvenient questions.

Thankfully we found a better way that ensures cryptographic security, which is to get former NSA interns to write the PQC standards, instead of proper NSA employees.

As a shorthand for this site, I'm not distinguishing between the two organizations. Which former NSA interns are you talking about? You can get their names from the pq-crystals.org site. Which one should we not be trusting?

Is it maybe Tancrede Lepoint? He always seemed shady to me. Or Peter Schwabe?

A wonderful question that exposes me to legal action if I answer.

A better question: why do you think so many of your cryptographic feline friendz were so excited about isogenies for the past decade? Where do you think they all obtained that identical enthusiasm from? Why do you think SIKE made it so far in the contest and only got eliminated through luck?