OpenSSL Corporation's Silver Sponsorship at ICMC 2024 - A Retrospective

OpenSSL Corporation’s participation as a Silver Sponsor at the International Cryptographic Module Conference (ICMC) 18th - 20th September 2024 marked an important milestone in our continued commitment to advancing cryptographic technologies. As a critical player in secure communication, OpenSSL’s involvement highlighted our dedication to fostering collaboration, innovation, and security within the cryptographic community.

ICMC 2024 provided a valuable platform for industry leaders to engage in key discussions surrounding cryptographic standards, challenges, and innovations. Through our sponsorship, OpenSSL contributed to critical dialogues on post-quantum cryptography, regulatory compliance, and developing secure, open-source cryptographic solutions.

OpenSSL Corporation delivered two key presentations:

  • OpenSSL Roadmap Update
    • This talk covered OpenSSL’s release and feature roadmap for the coming year, the new release schedule following the adoption of time-based releases, the current status of Post-Quantum Cryptography in OpenSSL, and possible future directions. Additionally, it addressed the ongoing FIPS 140-3 validation process of OpenSSL.
    • Presented by Neil Horman, OpenSSL Engineering Manager
  • From Challenges to Solutions: The Evolution of OpenSSL Governance
    • This presentation looked at the recent governance changes in OpenSSL. The challenges faced, the solutions implemented, and how these changes aim to improve decision-making and community involvement were covered. The future direction of OpenSSL and its commitment to a more inclusive governance model was discussed.
    • Presented by Anton Arapov, OpenSSL Operations Manager
Neil Horman Presenting the OpenSSL Roadmap Update

Adam Janovsky, PhD candidate from Masaryk University, Brno, Czech Republic, delivered the following presentation. The OpenSSL Foundation sponsored Adam’s attendance at the ICMC.

  • Insights from Automated Large-Scale Analysis of FIPS-140 Certificates
    • Security certification frameworks like FIPS 140-2/3 or Common Criteria subject certified products to extensive scrutiny. This talk discussed insights gleaned from the ecosystem of certified devices through extensive analysis of certification documents. Automation tools extract machine-readable features from tens of thousands of certification-related documents, providing valuable insights and assessment of the certification process.

Our presence at the conference also allowed us to demonstrate recent advancements in the OpenSSL project, including updates to the 3.x series, partnership with Lightship Security, an Applus Laboratories company for achieving FIPS 140-3 compliance, and organizational changes. These interactions reinforced our commitment to addressing the evolving security needs of industries that depend on OpenSSL for reliable cryptographic implementations.

Below is a photo of the Lightship team (left) and OpenSSL team (right) at the conference

Image of Lightship and OpenSSL

We thank the ICMC community for hosting this event and everyone who engaged with us during the conference. As we look ahead, OpenSSL remains focused on driving innovation and strengthening the foundations of secure digital communication.

We look forward to continuing our collaboration with the cryptographic community as we develop the next generation of secure technologies.

For information on events the OpenSSL Corporation will attend, refer to our events page.