Comment by cryptonector
2 years ago
NSA weakened DES from 64-bit keys to 56-bit keys. The idea was that they could be ahead in breaking it, and that by the time 56-bit keys were too weak in general then something else would replace DES. Risky? Yes, but it worked out, for some value of "worked out". So I wouldn't assume something like that wouldn't happen again.
They did that openly. What they did in secret was to harden it against an incredibly powerful attack (it's still a basis for block and hash cryptanalysis today) that nobody else knew about.