The International Cryptographic Module Conference is a growing forum for global expertise in commercial cryptography. At the fifth annual edition of the conference in May, industry leaders from over 20 countries will convene to address the unique challenges faced by those who produce, use, and test cryptographic modules, with a strong focus on standards such as FIPS 140-2, ISO/IEC 19790, and Common Criteria. The conference helps to foster a focused, organized community of users. ICMC covers the technical design problems to meet the standard, with a particular emphasis on the challenges posed as technology advances with respect to the current standards.
ICMC reviews technical topics underlying the implementation of a cryptographic module including physical security, key management, side-channel analysis, cryptographic algorithm implementation testing, standardization (FIPS 140-2, ISO/IEC 19790), validation programs and more.
Special-Focus Conference Content
Following suggestions from the survey responses of previous attendees and the guidance of our industry expert program committee, the conference features content in six key areas:
Global Cryptographic Module Validation: ICMC will continue its strong focus on North American validation programs and we’ve added a half day on global validation, and prospects for an international validation (iCMVP) scheme. More info.
Open Source Cryptography: OpenSSL is the most widely used encryption software library in the world, but last year saw threats to its security and future certification. We’ll cover efforts to audit and improve the security of OS encryption. More info.
Embedded Encryption and Industry-Vertical Applications: We’ve created a day of content focused on three areas where secure embedded encryption is crucial: PIV, authentication and identity technologies, communications devices, and the “internet of things.” More info.
Common Criteria: The crypto certification community is widely involved in Common Criteria, so ICMC provides a great opportunity for discussions on the prospect for CC in Crypto, and efforts to bring CC to broader user base. More info.
Quantum Threats and Quantum-Safe Crypto: Many approved algorithms can be easily broken by theoretical quantum computers. We’ve scheduled a day’s worth of content focused on this emerging threat, as well as the transition to standardized quantum-safe algorithms. More info.
End-User Experience and Crypto Policy: We’ve expanded content for organizations that rely on cryptographic security with information on selecting the right module, the value of certification, current vulnerabilities, administative issues, and ethical considerations. More info.