I don't understand cryptography enough to vet algorithms. I need to trust an authority to tell me which algorithms to use. I do not trust NIST as an authority. That's why it would be nice to have an actually trustworthy authority which does similar work to NIST.
EDIT: To more specifically address the process: If NIST wanted to get people to trust a shady algorithm, they could have some amazing cryptographers invent an algorithm which stands up to scrutiny, but which has some extremely hard-to-notice flaw which only they know about. They could then make those cryptographers submit the algorithm to NIST, and, in a seemingly fair way, pick the subtly broken algorithm as the winner. I can't know whether this happened, of course, and it probably didn't, but we fundamentally have to trust that NIST wouldn't do something like that... and we do know that they would do, and indeed have done, something like that.
Maybe the process is such that this attack, and any other kind of attack, is impossible. If that's the case, please do cite something which goes into detail on that.
Maybe, if their reasoning for trusting the NIST competition result holds up to scrutiny. Do you have any links to trustworthy organizations which wholly endorse the results, with a detailed write-up as to why?
> However, the way this standardization worked - and several others before, like AES and SHA-3 - is that NIST made a public competition. They basically asked everyone to submit proposals and then asked everyone to find flaws in these proposals.
> These competitions have a very good reputation in the cryptographic community.
A very brief Google search provided citations to the proposals and counter-attacks for your perusal.
NIST wouldn't get away with choosing an algorithm that has been shown to have vulnerabilities, which means the only thing it could do is come up with an algorithm with a subtle unnoticed flaw. And that algorithm has to have performance at least as good as the other algorithms in the contest.
But if it can come up with a competitive algorithm with a subtle unnoticed flaw, then that attack would work almost as well in a contest hosted by some other organization. They wouldn't be able to guarantee the win, but they would still have a good shot at it.