Mike Duvos says:
Also, I think we make far to much of the magical ability of the NSA to do things. At the present point in time, most of the cryptomathematical expertise in the world is external to the NSA. The NSA didn't invent GNFS, or for that matter, public key cryptography.
I'm on both sides of this issue. On the one hand, the people in the open crypto community are now, or soon will, substantially exceed in number the people in the black community, and the people in the open community have certain advantages in the way that they do their work. On the other hand, the people in the black community have the advantage that they can read anything that the open community produces but not vice versa, and they have at least a 15 year edge in knowledge about the design of conventional systems, and who knows (we certainly have no idea) how much of an edge in the modern cryptographic arena. We don't know for sure if the NSA knew about Public Key before the open community did. Certainly they knew of differential cryptanalysis and similar techniques, and they must know quite a lot that we don't. The black community also has lots of day-to-day experience that we don't have, and they understand both the threat model and the practical side of things a lot better than we do. Overall, I'd say that in the long run the open community is going to catch up regardless of what the NSA likes. That does not mean, however, that this is going to happen particularly soon, or that they don't still know decades more than we do. Perry