Let me add a few datapoints here, as a reminder...
1) The AES competition was launched in part because DES and 3DES were cracked by EFF using FPGA-based brute-force decryption machine. Source :
As a reminder, DES was THE standard crypto algorithm, vetted and approved by NSA. It could be cracked by EFF only because of Moore's Law and some serious budget and effort.
2) Public-key cryptography was invented separately at GCHQ (UK NSA) and NSA itself, several years *before* Diffie-Hellmann. Source:
So, yes, these people (NSA/GCHQ) are very good at what they do. They have had at least 10 years of head-start, since cryptography was considered for many years just a branch of mathematics in academic circles. These guys work on nothing but crypto and digital/analog communications, year in, year out. Do not underestimate them.
3) One of the first electronic computers, was delivered to the NSA in the 1950s. NSA later suggested improvements to the company that built it. The first Cray supercomputers were delivered straight to NSA. Again, that was in the 1950s, when most computer companies (IBM comes to mind) were still struggling to define what a computer was good for. Source:
4) The NSA and GCHQ have a long history of backdoors. They love these things, as they make their life so much easier. Read on Venona, Enigma, Ivy Bells: all of these were made possible by intercepting/copying one-time pads, selling "unbreakable" German encryption machines and tapping undersea Russian cables. And I am willing to bet these are just a small fraction of what these people have done over the years. Source:
Again, this is just a small fraction of what NSA and GCHQ have done over the years. So, yes, suspecting backdoors in open-source software is... shall we say... only natural.
If I was paid to be a professional paranoid, I would be taking a very long hard look at my computers and telecom equipment right now.