DES, AES, SHA-3, LWC and PQC: Are Cryptography Competitions a Good Idea?

We are so lucky to have Daniel J Bernstein coming along for a chat [here], and he has a great new paper on cryptographic competitions for the new Journal of Cryptography [here]:

Overall, Daniel argues that NIST competitions have generally reduced security for the sake of improved performance.

He argues that, generally, competitions have been good for defining cryptographic algorithms, but outlines how, in some cases, security has actually been reduced. Daniel outlines that, in response to the backdoor found in Dual EC DRBG, NIST should have open competitions:

The CoV individual reports point out several shortcomings and procedural weaknesses that led to the inclusion of the Dual EC DRBG algorithm in SP 800-90 and propose several steps to remedy them. …

The VCAT strongly encourages standard development through open competitions, where appropriate. — “NIST Cryptographic Standards and Guidelines Development Process: Report and Recommendations of the Visiting Committee on Advanced Technology of the National Institute of Standards and Technology” [133], 2014

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice