Those include statements about how far cryptanalysis have weakened the ciphers, which the NSA claims was roughly what they had expected during design.
If the NSA published its own cryptanalysis, would you believe it, or would you assume they had told less than the whole story? What if they paid an academic to publish cryptanalysis (“of course he would say that, he was paid $X by the NSA!”)? The NSA appears to be in a catch-22 here.
I think when someone like the NSA provides you an algo you either decide you can’t trust them or need to ask some heavy hitting questions to make sure it’s not broken somewhere along the line for their benefit.
I’d opt for not trusting them, but even if they did provide some details elsewhere I’d imagine ISO had some questions the NSA didn’t feel like answering...
* https://csrc.nist.gov/csrc/media/events/lightweight-cryptogr...
* https://eprint.iacr.org/2017/560.pdf
* https://www.nist.gov/sites/default/files/documents/2016/10/1...
Those include statements about how far cryptanalysis have weakened the ciphers, which the NSA claims was roughly what they had expected during design.
If the NSA published its own cryptanalysis, would you believe it, or would you assume they had told less than the whole story? What if they paid an academic to publish cryptanalysis (“of course he would say that, he was paid $X by the NSA!”)? The NSA appears to be in a catch-22 here.