[lcnPylGDnU4H9OF]

> (1) the difficulty of maintaining a conspiracy with a large number of conspirators (the number of people who know about it must be small) and (2) almost a physical law that any device which falls into the hands of the enemy will give up any secrets it has, especially if many instances of that device are available.

They've literally done this. They released their historical document for it in 2018. It's a good read.

https://en.wikipedia.org/wiki/Crypto_AG

And you're right: in the Crypto AG story, an engineer noticed their intentional cryptography weaknesses and tried to get them fixed, so they noted that they needed to think of sneakier backdoors. They really have to be careful about who they let in on it.