{"id":51481,"date":"2025-10-07T11:46:32","date_gmt":"2025-10-07T11:46:32","guid":{"rendered":"https:\/\/dogewisperer.com\/?p=51481"},"modified":"2025-10-07T11:46:32","modified_gmt":"2025-10-07T11:46:32","slug":"the-nsa-is-trying-to-backdoor-bitcoin-warns-peter-todd-heres-how","status":"publish","type":"post","link":"https:\/\/dogewisperer.com\/?p=51481","title":{"rendered":"The NSA Is Trying To Backdoor Bitcoin, Warns Peter Todd \u2014 Here\u2019s How"},"content":{"rendered":"
\n

Prominent Bitcoin developer Peter Todd alleged on Monday, October 6, that the US National Security Agency (NSA) is \u201clooking to backdoor crypto again\u201d via the rollout of so-called quantum-secure algorithms\u2014this time by pushing deployments that exclude tried-and-tested classical cryptography.<\/p>\n

\u201cTl;dr: the NSA is clearly looking to backdoor crypto again with the rollout of \u201cquantum secure<\/a>\u201d algorithms. The obvious way to implement them is AND: traditional AND quantum secure. So you need to break both. The NSA is trying to remove that seatbelt: quantum-only,\u201d Todd wrote<\/a>.<\/p>\n

Is The NSA Plotting A Quantum Backdoor Into Bitcoin?<\/h2>\n

Todd\u2019s comments came as cryptographer Daniel J. Bernstein (DJB) published a pair of blog posts\u2014on October 4 and 5\u2014criticizing current Internet Engineering Task Force (IETF) processes and warning that \u201cweakened cryptography\u201d could be standardized through procedural changes that suppress dissent.<\/p>\n

In \u201cMODPOD: The collapse of IETF\u2019s protections for dissent,\u201d Bernstein argues that a new moderation framework enables content-based censorship of objections, including objections to eliminating \u201chybrid\u201d deployments that combine classical and post-quantum schemes. He adds there is \u201cuseful action\u201d stakeholders can take by Tuesday, October 7 to oppose these changes.<\/p>\n

At the heart of the dispute is whether migrations to post-quantum cryptography (PQC) should favor hybrid combinations\u2014e.g., classical ECDH and PQ key encapsulation\u2014rather than quantum-only switches. Hybrids hedge the unknowns of newly standardized PQC by requiring an attacker to break both components to compromise a session or signature. The IETF formalized the term \u201chybrid\u201d in June 2025 (RFC 9794), and NIST\u2019s own guidance and FAQs likewise describe and allow hybrid key-establishment modes during transition. That context underpins Todd\u2019s claim that pushing \u201cquantum-only\u201d is a dangerous deviation from best practice.<\/p>\n

Bernstein\u2019s companion post on October 4 details real-world hybrid deployments\u2014Google\u2019s CECPQ1\/2 experiments (ECC+NewHope, ECC+NTRU, ECC+SIKE), multi-vendor SSH support for ECC+sntrup761, and today\u2019s browser usage dominated by ECC+ML-KEM (Kyber)\u2014as evidence that hybridization is already mainstream and operationally feasible at Internet scale. The post argues that eliminating hybrids would lower safety margins precisely when new PQC is still maturing.<\/p>\n

NIST, for its part, has led the global PQC program since 2016 and in August 2024 finalized standards for ML-KEM (Kyber) and two signature schemes (ML-DSA\/Dilithium and SLH-DSA\/SPHINCS+), with additional algorithms such as HQC selected in 2025. Throughout its materials, NIST acknowledges hybrid modes as legitimate transition mechanisms and has hosted dedicated workshops on KEM guidance\u2014positions that cut against a blanket \u201cquantum-only\u201d mandate.<\/p>\n

Why this matters for Bitcoin and broader crypto is twofold. First, Bitcoin\u2019s ecosystem relies heavily on standardized primitives and network protocols\u2014hashes, signatures, handshakes\u2014whose evolution is shaped by NIST and IETF outputs even when implementation occurs in open-source codebases. Second, Todd grounds his warning in history: the NSA\u2019s alleged role in the Dual_EC_DRBG fiasco two decades ago, where a NIST-endorsed random number generator was later withdrawn amid credible backdoor concerns, including reports that RSA made it the default in its toolkit following a secret payment. \u201cEndorsement of backdoored crypto has happened before at the behest of the NSA,\u201d Todd wrote, adding \u201cIt\u2019s not a theoretical risk. They\u2019re clearly gearing up to do it again.\u201d<\/p>\n

There is, however, no public proof that the NSA is currently<\/a> inserting a specific backdoor into NIST\u2019s PQC standards or IETF drafts. NIST continues to publish open guidance, workshops, and public comment processes around PQC, including explicit documentation of hybrid approaches. Developer Fudmottin (@Fudmottin) objected to Todd: \u201cIf NIST endorsed cryptographic algorithms such as SHA-256<\/a> turn out to have back doors or a weakness, then NIST is done. No one will even ask them about the time of day (yes, NIST keeps that standard for the USA).\u201d<\/p>\n

The immediate call to action comes from Bernstein\u2019s posts urging stakeholders to engage IETF mechanisms by Tuesday, October 7 (any time zone) to object to MODPOD-style moderation and to defend hybrid cryptography as the default transition path. Todd\u2019s amplification into the Bitcoin community underscores a longstanding mistrust of intelligence-led cryptographic policy\u2014shaped by Dual_EC and other episodes\u2014and a desire to keep consensus-critical systems insulated from standards that may weaken defense-in-depth.<\/p>\n

At press time, Bitcoin traded at $134,545.<\/p>\n

\"Bitcoin<\/div>\n","protected":false},"excerpt":{"rendered":"

Prominent Bitcoin developer Peter Todd alleged on Monday, October 6, that the US National Security Agency (NSA) is \u201clooking to backdoor crypto again\u201d via the rollout of so-called quantum-secure algorithms\u2014this time by pushing deployments that exclude tried-and-tested classical cryptography. \u201cTl;dr: the NSA is clearly looking to backdoor crypto again with the rollout of \u201cquantum secure\u201d […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0,"footnotes":""},"categories":[2],"tags":[3,4,5],"class_list":["post-51481","post","type-post","status-publish","format-standard","hentry","category-news","tag-crypto","tag-doge","tag-news"],"_links":{"self":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/51481","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=51481"}],"version-history":[{"count":0,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/51481\/revisions"}],"wp:attachment":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=51481"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=51481"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=51481"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}