2022.08.07 20:15:37 (1556343320212688896) from Daniel J. Bernstein, replying to "Nadim Kobeissi (@nadim@symbolic.software) (@kaepora)" = "Nadim Kobeissi (@kaepora)" (1556339903499214848):
Certain people are falsely attributing to the blog post an inflammatory bribery claim. I never made that claim, in the blog post or anywhere else. The claim is totally out of whack with what the blog post explicitly says. Read for yourself; don't get suckered by disinformation.
2022.08.07 20:25:18 (1556345758332268545) from Daniel J. Bernstein:
People starting from wanting to believe NISTPQC can't have been sabotaged were already making the these-are-top-experts-who-can't-have-been-bribed argument. The blog post notes this argument and then states verifiable facts trumping it, such as IDA hiring Coppersmith years ago.
2022.08.07 19:49:04 (1556336638636085248) from Daniel J. Bernstein, replying to "Nadim Kobeissi (@nadim@symbolic.software) (@kaepora)" = "Nadim Kobeissi (@kaepora)" (1556289215045976064):
"At the risk of belaboring the obvious: An attacker won't have to say 'Oops, researcher X is working in public and has just found an attack; can we suppress this somehow?' if the attacker had the common sense to hire X years earlier, meaning that X isn't working in public." 1/2
2022.08.07 19:51:00 (1556337124734951424) from Daniel J. Bernstein:
Quote continued: "People arguing that there can't be sabotage because submission teams can't be bribed are completely missing the point. ... It's not hard to imagine that [NSA] has been pushing NISTPQC to select algorithms that NSA secretly knows how to break." 2/2
2022.08.07 20:01:11 (1556339686284607491) from "Nadim Kobeissi (@nadim@symbolic.software) (@kaepora)" = "Nadim Kobeissi (@kaepora)":
Yes, I have read this. Some believe that your post is intentionally insinuating that NSA has tried (or even succeeded in) bribing NIST PQC candidates. I did not read your post this way, but I strongly advise you to explicitly clarify if that is what you intended to say or not.
2022.08.07 20:02:03 (1556339903499214848) from "Nadim Kobeissi (@nadim@symbolic.software) (@kaepora)" = "Nadim Kobeissi (@kaepora)", replying to "Nadim Kobeissi (@nadim@symbolic.software) (@kaepora)" = "Nadim Kobeissi (@kaepora)" (1556339686284607491):
If that is indeed what you meant to imply, then it deserves to be said explicitly. If it is not what you meant to imply, then folks are putting pretty inflammatory words in your mouth. As such, being explicit here is important either way.