If we try to agree some standard for database protection what are the chances that the NSA will mount a campaign to derail it (like their mostly successful campaign to derail IPSEC and very successful campaign to derail mobile phone security)? If it were derailed, would it be much use against the other intruders (other than the NSA)?

Actually, I hope the NSA would be careful to derail things only to the extent that the NSA (and probably GCHQ and the Chinese, Russian, German, French and Australian equivalents, as they too employ some good mathematicians) can penetrate it, while leaving penetration beyond the capacity of private groups and terrorists. But I'm not really sure that they would.

However, I suspect that our current database protection (in SQL Server) is pretty good, unless NSA have persuaded MS to insert some back doors, provided developers and DBAs use it sensibly (which sometimes - quite often - fails to happen).