[StavrosK]

I don't think we're going to agree on this, because at this point it is a matter of degree. I find it more likely that an error will not be malicious, it will just be a honest mistake that will make the entire system less secure.

Cryptosystem security isn't the same as binary security (i.e. against exploits). You can have a very insecure binary (in the exploit sense) but still have valid, strong cryptography (e.g. in its output).

Sure, with something like this, you want the binary to also not be easily exploitable, but I think that getting the cryptography right is more important.

Given these two points (malice vs incompetence and cryptography vs security), I think it is more important for the program to be open source, even if it's complicated, than the other way around.

There aren't many expert cryptographers who are also expert reversers, sadly.