The cr.yp.to microblog: 2020.02.26 07:56:54

2020.02.26 07:56:54 (1232560151963435009) from Daniel J. Bernstein:

More evidence that people reviewing security of #NISTPQC candidates are dangerously overloaded: https://eprint.iacr.org/2020/241 gives (among other things) a simple fast attack completely breaking round-1 "Round2", the predecessor of round-2 "Round5". Attack wasn't noticed for two years.