2020.07.30 09:03:46 (1288731997301432320) from Daniel J. Bernstein, replying to "Diego F. Aranha 🕷️ (@dfaranha)" (1288485603806519296):
When NIST was first proposing low-security (512-bit) DSA as a standard, it took a lawsuit by CPSR to reveal NSA's involvement: https://epic.org/crypto/dss/new_nist_nsa_revelations.html The existence of NIST-NSA coordination for #NISTPQC can't be a scandal if it's revealed _by NSA_, right? Maybe not a bad PR move.
2020.07.30 09:14:38 (1288734731878580225) from Daniel J. Bernstein:
Next I suppose NIST will spin a story about how the law _forces_ it to take private input from NSA (not true: if NIST were serious about transparency then it would automatically and immediately publish all of its NSA communication), and how they value NSA's technical expertise.
2020.07.30 09:19:05 (1288735852290433026) from Daniel J. Bernstein:
NSA's classified documents showed that its goals for DES standardization were for DES to be (1) "weak enough" for NSA to break and (2) "influential" enough to "drive out competitors". Meanwhile NSA waged a multi-decade PR battle to try to convince people they were the good guys.
2020.07.29 16:44:41 (1288485603806519296) from "Diego F. Aranha 🕷️ (@dfaranha)":
Is it just me, or are the recent NSA messages to the NIST PQC mailing list a bit weird? They are mostly devoid of real content, and read by a crowd that largely views them with justified suspicion. I don't see the point.