I was wanting to get some background on SHA3-256, since it appears to be one of the keys to the project crypto, and since MD5/SHA-256 seem so far in the distant past.
Just wanted to share an excellent history lesson presentation I ran into online:
10 Likes
Does NIST not have a reputation for crippling new contenders?.. I seem to recall fairly substantial cynicism about their bowing to the NSA previously… eg Did NIST Cripple SHA-3? - Slashdot
I think the sum of it was roughly along the lines that “512 bit would cripple any ability to decrypt it even with quantum supercomputers. I bet they’re weakening the maximum bit size of the hash to 256 bit and making random changes to it, most likely to weaken it.”
1 Like
I remember watching (online, not live) this FOSDEM presentation of the makers of SHA3 themselves: FOSDEM 2013 - Keccak, More Than Just SHA3SUM
Concerning the content, I remember not so much 
1 Like
I tend to believe that they managed the process, but most of the criticisms and evaluations of the crypto were from the open community.
No idea about any backdoors or other weakening, but they managed the process on SHA3, with 4 variants reduced to 2 - SHA3-256 and SHA3-512.
I always thought No Such Agency had beaten elliptical curve based methods a few years back.