Aaron is a cybersecurity professional at NetStar where he leads efforts in AI-driven threat intelligence and detection engineering. With a background in systems engineering and automation, he specializes in applying machine learning to complex security workflows including certificate analysis, graph neural networks, and threat attribution. His recent work includes developing layered certificate scoring models for real-time SSL and TLS inspection and integrating human-centric AI design into SOC environments. Aaron is currently pursuing a master’s in Cyber Operations and Security, further deepening his research in applied AI and cryptography. He brings a practical and forward-looking approach to cybersecurity and is passionate about bridging the gap between research and operational outcomes.

Aditya Koranga is the Vice Chair of Post Quantum Cryptography Alliance (PQCA)'s TAC under Linux Foundation and represents Small Businesses and Individuals on the Technical Advisory Committee at OpenSSL Foundation and Corporation. With extensive experience as a Chief Security Architect, he has built enterprise-ready quantum-safe solutions and guided organizations through complex cryptographic transitions.
Aditya is the founder of NgKore, a non-profit open source community focused on advancing Post-Quantum Cryptography, Quantum Computing, 6G, and Non-Terrestrial Networks. His unique position across multiple industries and communities gives him comprehensive insight into both the technical challenges and community dynamics driving the post-quantum migration.

Dr Aivo Kalu is a leading security engineer with over 20 years of experience in information security, cryptography and digital identity at Cybernetica, company that has been building future-proof technologies that rely on research and development for over 25 years. Cybernerica's unique expertise ranges from secure data exchange like the X-road to digital identity, i-voting, information security and more. Aivo's responsibilities include product development and consulting government authorities, trust service providers and other clients about their digital identity programs, authentication, signing, and wallet solutions and applying security protocols, cryptography, standardisation and security certification to client's problems.

Alex is a software resilience engineer. He's current a Member of the Technical Staff at Anthropic. He's previously served as Deputy Chief Technologist for the Federal Trade Commission, tech lead for Firefox sandboxing, among others. He's also a long time open source contributor, asa maintainer of the Python Cryptographic Authority, core developer of CPython and PyPy, creator of the project that became Rust in the Linux kernel, and many others. Alex is based in Washington, DC and likes bagels and delis.

Alicja is a quality engineer specialised in cryptography at Red Hat. She is the quality team lead responsible for handling core cryptographic packages in Red Hat Enterprise Linux: OpenSSL, Mozilla NSS, GnuTLS, OpenSSH, libreswan, and others. With over 15 years of experience in the cryptography area she has contributed to or co-authored multiple IETF RFCs and found multiple security vulnerabilities, most impactful one being the Marvin Attack.

I'm a university student specializing in cybersecurity, with a strong interest in Linux, open source technologies, and computer networking.

Anthony has 25 years of experience as a software developer in the consumer electronics industry. He started by making firmware for projectors and moved on to digital TVs and then smartphones. He now implements cryptographic protocols for the wolfSSL line of products and has a deep interest in educating and informing the wider community about the migration to post-quantum cryptography.

Anton is Director of the OpenSSL Corporation.
Anton is Treasurer of the OpenSSL Corporation.
Anton is Secretary of the OpenSSL Corporation.

Ashley Pusey is your favorite API—Ashley Pusey Interface—a New York-based attorney navigating the fault lines between AI, cybersecurity, and global data regulation. She advises companies across industries on cyber incident response, privacy compliance, and the legal guardrails around emerging technologies. Whether handling complex breaches across EMEA, LATAM, and APAC or engaging with regulators like the Office for Civil Rights on HIPAA and GLBA issues, Ashley brings clarity and strategy to moments of uncertainty.

But Ashley’s practice isn’t just about managing risk—it’s about building trust. She helps organizations operationalize responsible tech, guiding product launches, adapting to evolving AI regulations, and crafting data governance frameworks.

Her passion for law and innovation didn’t start in a courtroom—it started on the runway. Fascinated by smart textiles and wearable tech disrupting the fashion industry, Ashley found herself drawn to the legal, ethical, and cultural questions embedded in emerging technologies.

Ashley is credentialed with CIPP/US, CIPP/E, CIPM, and the IAPP’s Fellow of Information Privacy (FIP) designation. She holds certifications in Cybersecurity (MIT), Artificial Intelligence (Center for AI and Digital Policy), and Fashion Law (Fashion Law Institute)—a blend that reflects both her creative and regulatory DNA.

At the interface of law, code, and culture, Ashley champions a future where innovation is as ethical as it is exciting—and where every system, suit, or software release is built with integrity.

Astor Nummelin Carlberg is OFE’s Executive Director, responsible for the overall vision, activities of the organisation and policy development. He has extensive experience of European policy making processes, communications and network-building. Astor leads conversations on Europe’s digital challenges and the role of open technologies in achieving its full potential. He sits on the board of APELL, the European Open Source Business Association.

Bernie Leung is a Distinguish architect. He has over 20 years experience in cybersecurity. In the last 10 years, he has led the building and operating of multiple FedRAMP / FISMA systems. His hands-on experience in running these systems from inception to operation is invaluable in bringing practical security conversations to corporate business leaders.

William (Bill) J Buchanan OBE FRSE is a Professor of Applied Cryptography in the School of Computing, Edinburgh and the Built Environment at Edinburgh Napier University. He is a Fellow of the BCS and a Principal Fellow of the HEA. Bill was appointed an Officer of the Order of the British Empire (OBE) in the 2017 Birthday Honours for services to cybersecurity, and, in 2024, he was appointed as a Fellow of the Royal Society of Edinburgh (FRSE). In 2023, he received the "Most Innovative Teacher of the Year" award at the Times Higher Education Awards 2023 (the "Oscars of Higher Education"), and was awarded “Cyber Evangelist of the Year” at the Scottish Cyber Awards in 2016 and 2025. He currently leads the Blockpass ID Lab and the Centre for Cybersecurity, IoT and Cyberphysical, and is the Director of the Scottish Centre of Excellence in Digital Trust and DLT. Bill works in the areas of cryptography, blockchain, trust, digital identity and quantum processing and has one of the most extensive cryptography sites in the World (asecuritysite.com), and is involved in many areas of novel research and teaching. He has published over 30 academic books and over 450 academic research papers. Along with this, Bill’s work has led to many areas of impact, including a number of highly successful spin-out companies (including Zonefox, Symphonic Software, Cyan Forensics and MemCrypt), along with awards for excellence in knowledge transfer and for teaching. He recently received an ”Outstanding Contribution to Knowledge Exchange” award and was included in the FutureScot "50 Scottish Tech People Who Are Changing The World”, along with being a regular keynote speaker at a range of conferences. Bill’s true academic passion is building, analysing and breaking cryptographic methods.

A native Texan, Bill Brumley is a Kevin O'Sullivan Endowed Professor in Cybersecurity at Rochester Institute of Technology (RIT) in New York, where he also serves as Director of Research for RIT's Global Cybersecurity Instutute (GCI). He received his doctorate from Aalto University (Helsinki, Finland) in 2012. He is a former Staff Engineer for Qualcomm's Product Security Initiative (QPSI) in San Diego, California. He is a 2018 European Research Council (ERC) Starting Grant Laureate. Before joining RIT, he spent a decade as a Professor at Tampere University (Finland). He specializes in system security, cryptography engineering, and side-channel analysis.

Brandan Payne is a video strategist, AI systems consultant, and founder of PushPlayAI and Payne Point Media. With experience working hands-on with med spas, real estate pros, and blue-collar businesses, he’s spent years translating “tech talk” into clear, practical systems that actually get used. A former reality show cast member turned educator and entrepreneur, Brandan is passionate about using storytelling and automation to make digital transformation understandable for the people who need it most.

Brian Will is a Principal Engineer in Intel focused on Network Security Acceleration and lossless compression. He has over 25+ years experience developing Software for Network Security and Packet Processing architectures.

Clemens is the Product Owner of the Red Hat Enterprise Crypto Team and currently focusing on the transition to post-quantum cyrptography. He's been working for Red Hat since 2022. Prior to his work at Red Hat, he took care of open source packaging, over-the-air updates and security of infotainment systems at BMW. Clemens has also contributed to the MacPorts project since Google Summer of Code 2011.

Daniel Gustafsson is a long time Postgres hacker, major contributor and committer on the project. Having been around the project for over a decade he has taken part of most aspects of the project, writing code and docs, organizing conferences and occasionally speaking at them, partaking in governance efforts etc. He currently works for Microsoft doing Postgres hacking, and was previously employed by VMware and Pivotal where he worked on Greenplum, a data warehouse based on Postgres.

When not working on Postgres he is a curl/libcurl contributor, committer and security team member.

I’m a curious exister living in Portland, OR. I’m also a dad and a husband who programs computers for a living. My interests over the years have spanned from type theory to cryptography and from distributed consensus to embedded systems. These days I work on x86 optimizations for open source cryptography libraries.

Darryl G. Baker is a Senior Solutions Architect at Netwrix and a recognized authority in Identity and Active Directory security. With over a decade of identity systems experience, he has led enterprise security assessments, identity security trainings, and threat emulations focused on Active Directory, Entra ID, and Azure environments.
Darryl has delivered highly rated trainings and demos at BlueTeamCon, BSidesCT, The Experts Conference, and Wild Wild West Hackin’ Fest. He’s the architect behind numerous hands on attack emulation labs—leveraging current red team and blue team tools to help defenders master everything from attack path analysis to threat hunting.
In his sessions, Darryl blends deep technical insight with real world case studies, empowering blue team professionals to strengthen their identity security posture and defend against evolving adversary techniques.

David has been working on Cryptography APIs and secure protocols since the mid-1990s and in IT and open-source since the mid-1980s. He is a founder and still active committer of the Legion of the Bouncy Castle Cryptography project which began in the year 2000 and provides APIs in Java, C#, and Kotlin. David founded Crypto Workshop, now part of Keyfactor, in 2012 in order to better support the Bouncy Castle APIs and its user community. Shortly after, he led the work on the FIPS certification of the Bouncy Castle APIs, resulting in their first certifications in 2016. His deep interest is in providing tools to simplify the development of solutions that make use of cryptography and secure protocols, with an emphasis on standards-based approaches. He is based in Melbourne, Australia. David is also the author of two books: “Java Cryptography: Tools and Techniques” and “Beginning Cryptography with Java.”

Computer scientist with a PhD from TU Munich on programming language semantics and theorem proving.
Senior consultant on IT security architecture and expert on PKI technologies at Siemens Foundational Technologies.
Lead on PKI component development, OpenSSL Committer, contributor to IETF standardization on X.509 topics.

I am a principal engineer at Chainguard focusing on cryptographic hardening of FIPS container workloads for FedRAMP deployments. I am upstream contributor to OpenSSL, BoringSSL, AWS-LC, LibreSSL, Linux Crypto subsystem, Secureboot rhboot/shim and grub, Ubuntu Core Developer, OpenBSD, Debian Developer, among many other smaller contributions to many open source projects.

TL,DR: Stockholm syndrome with OpenSSL.

I have been working with OpenSSL code since late 2004. Working on implementing national cryptography for OpenSSL, I got familiar with many parts of the library.

Since 2020 I apply my knowledge of OpenSSL for Red Hat, currently I'm most busy with post-quantum transition of Red Hat and OpenSSL

To be Confirmed

Dragan Zuvic is a seasoned developer and architect in the Business Stream "Cross Technologies" at Mercedes-Benz Tech Innovation (MBTI), specializing in developing robust cryptographic solutions for automotive technologies. With over 30 years of experience, Dragan has developed PKIs, created entry hubs for apps, and worked extensively in the banking and insurance sectors, bringing a wealth of expertise to the cybersecurity domain at MBTI.

Eric Ye is a software engineer at Cryptsoft, specializing in standards-based key management technologies. He works on the development and integration of KMIP and PKCS#11-based SDKs in C, Java, and C#, helping OEM clients build secure, interoperable cryptographic systems.

Frederik holds a Master's degree in Computation and Mathematical Modelling from the Technical University of Denmark (DTU), where he specialized in cryptology. He has hands-on experience working with satellite communication systems for commercial aviation, where he contributed to delivering reliable and secure data transmission solutions. Over the past six years, he has been part of Dencrypt, developing cutting-edge encryption technologies. His recent focus has been on implementing the latest DTLS 1.3 protocol in OpenSSL, ensuring secure and robust communication channels.

To Be Confirmed

With both law and IT qualifications, Hayden has a deep understanding of the technology and digital economy sector. Hayden can quickly grasp how both new and established technologies impact a client’s legal and commercial risks, and also how it can transform a business. He is sought after to provide advice across complex IP and technology transactions. For privacy and cyber security, Hayden helps clients manage their data risks, comply with their privacy and security obligations, and respond appropriately in the event of a cyber security incident. He also has extensive IP prosecution and strategy experience, and manages large IP portfolios for some of the world’s top brands including for trade marks, patents and copyright. Hayden’s client base includes many well-known software vendors and organisations undertaking complex technology projects, and across a range of sub-sectors including fin-tech, defence-tech, med-tech and artificial intelligence. He also provides counsel to clients in regulated industries (such as health and aged care, education and financial services) on their technology, privacy and security risks. He regularly speaks on legal issues across technology, IP and privacy law, including the RSA cyber security conference in San Francisco and AusCERT in Australia. Hayden’s enthusiasm for the technology industry is infectious and he is driven to achieve the best outcomes for his clients.

• Opensource Developer @ IBM
• Nominated community member for OpenSSL platform linux64-s390x
• Linux Kernel co-Maintainer for crypto-related stuff for s390 architecture

Jake Maynard has been in the Cyber Security industry for over twenty years. He spent over 17 years with Citrix Systems (Sponsor of OpenSSL’s 2.x FIPS canister) working on Networking, Mobile Device Management, and Virtualization technologies ultimately landing in the security engineering team working on the core cryptographic module utilized to meet FIPS requirements for the product suite..

Jake currently leads SafeLogic’s engineering department where his team is responsible for the Research, Design, and Implementation of future cryptographic products focused on easing customer’s journey through FIPS compliance.

Jake has been awarded two masters degrees from Nova Southeastern University. One in Information Security and the other in Computer Science.

Jakub Jelen is a Principal Software Engineer in Red Hat, working on various projects that are touching security and cryptography area.

Jakub Onderka is a member of GovCERT.CZ, a government unit within the National Cyber and Information Security Authority responsible for managing cybersecurity incidents affecting critical infrastructure in the Czech Republic. In his role, he has contributed to implementing post-quantum key exchange mechanisms in the TLS protocol, enhancing the security of Portal NUKIB—the primary communication platform for cybersecurity in Czechia.

Jaroslav Řezník is the Principal Program Manager who steers Red Hat's government certifications for the Product Security Compliance team. His 17-year tenure at Red Hat is marked by a unique versatility, having contributed to everything from his beloved Fedora community to ensuring stringent government compliance with standards such as Common Criteria and FIPS 140.

For the past 15+ years, Jason has been involved in the leadership of different cyber security companies, including being responsible for the accreditation, management and profitable growth of several government-accredited IT security laboratories. Since 2015, Jason has been the co-founder and President of Lightship Security, a leading product certification lab in North America. Jason is responsible for driving the Lightship vision of modernizing the product certification landscape – with a focus on building and deploying smart automation to allow certification in parallel with development. Better certification outcomes for Lightship clients is the overriding mandate for Jason and team.

Jeff Johnson is a Sr. S/W Engineering Leader at Cisco Systems, Inc. Jeff leads the Common Security Module team within Cisco’s Security and Trust Organization which provides foundational security capabilities across Cisco’s portfolio to reduce risk for Cisco and their customers. Jeff’s passion is creating, developing and producing new technologies from inception to production. During his 25+ years at Cisco Jeff has delivered across Cisco’s technology portfolio including networking, collaboration and security products. Currently, his development teams are responsible for creating and maintaining government certified common software technologies. Primary among these technologies is a common cryptography library. This work has led to his teams being recognized as a finalist in Cisco’s Pioneer Award. Jeff’s teams are now challenged to provide production quality post-quantum cryptography across Cisco’s portfolio.

In his spare time, Jeff enjoys traveling with his wife of 45 years and their 2 dogs. Additionally, Jeff cannot get enough time with his family consisting of 2 daughters and 5 grandchildren. An avid motorcyclist, you can find Jeff riding with friends thru the mountains of North Carolina or attending several motorcycle racing events throughout the year.

Jelizaveta Vakarjuk is a junior researcher in Cybernetica and industrial PhD student at Tallinn University of Technology. Her research focuses on post-quantum cryptography, privacy-preserving cryptography, and security of voting systems. Mainly she studies post-quantum digital signatures, but also focuses on the aspects of migration to post-quantum cryptography. Job position: Junior researcher Affiliation: Cybernetica AS and TalTech

Jon Ericson is the OpenSSL Communities Manager. He started his career as a C programmer for the US National Weather Service and NASA’s Jet Propulsion Laboratory. When Stack Overflow launched in beta, Jon was an early contributor and later joined as a full-time community manager for the entire Stack Exchange network. Recently he’s consulted with community owners to resolve a variety of social and technical hurdles.

Bhargavan is a research scientist and co-founder of Cryspen, a company that works on high-assurance security-critical software. He is on leave from Inria, where he led a team of researchers working on formal verification and applied cryptography. Bhargavan has been involved in the design and analysis of IETF standards like TLS 1.3, HPKE, and MLS, and he and his colleagues build and maintain formally verified cryptographic libraries like HACL* and libcrux.

Łukasz Chmielewski holds the position of Assistant Professor at Masaryk University in Brno, Czech Republic. His primary area of expertise revolves around side-channel analysis (SCA) of public-key cryptosystems. In general, he is also interested in hardware attacks, including fault injection, on real-world devices. Currently, he is actively involved in enhancing the capabilities of the side-channel CRoCS lab. Moreover, in recent years, he has worked on the applications of deep learning to SCA, targeting both symmetric and asymmetric schemes. In the past, he obtained his PhD and was a postdoctoral researcher in the Digital Security Group at Radboud University Nijmegen. He also has significant commercial experience in SCA, FI, and software-security evaluations of embedded devices. His overall practical experience in physical attacks spans the last 13 years.

Marcel Kolaja is the Policy and Advocacy Director for Europe at Access Now, an organization defending and extending the digital rights of people and communities at risk. He leads a team of digital rights policy experts and drives the advocacy agenda at the intersection of human rights and digital technologies in Europe.

From 2019 through 2024, Marcel served as a Member of the European Parliament. Throughout his tenure, he was also a Member of the Bureau of the European Parliament: from 2019 through 2022 as Vice-President and from 2022 through 2024 as Quaestor.

In his work in the European Parliament, Marcel focused mainly on topics related to fundamental rights and consumer protection in the digital age, privacy protection, cybersecurity, encryption, transparency, Free and Open Source Software, artificial intelligence, the Digital Single Market, and media freedom. Legislative acts that Marcel directly worked on include the Artificial Intelligence Act, the Digital Services Act, the Digital Markets Act, the Child Sexual Abuse Regulation, the Product Liability Directive, the Cyber Resilience Act, the Media Freedom Act, the Political Advertising Regulation, the European Digital Identity, and more.

Marcel graduated from the Faculty of Informatics, Masaryk University in Brno. He had been working in various capacities in the IT industry in technical and managerial roles before he was elected Member of the European Parliament.

In his free time, he enjoys spending time in the mountains and in nature.

Dr. Martin Schmatz is a Principal Researcher at IBM Research Europe in Zurich/Switzerland. He studied electrical engineering and received his doctorate from ETH Zurich on the topic of "Noise Parameter Measurements." After joining IBM in 1999, he led research in the areas of I/O link technology and, from 2012, key components of modern IT server systems. Since 2017, he has focused his work on key management systems (KMS) for Cloud applications and, since 2020, in particular on the migration to quantum-secure communication. He holds an MBA, has over 50 scientific publications, and over 100 patents

Martin Ukrop is a Principal Research Software Engineer with Red Hat Research, focusing on security research and facilitating the industry–academia cooperation in Europe. He received his PhD in Computer and Information Systems Security from Masaryk University, Czechia, focusing on human aspects in computer security. He remains an active teacher as well as a life-long learner.

His research looked into making security usable for IT professionals (developers, system administrators and such) that lack a specialized training in computer security. He focused on cryptographic interfaces (both programmable and command-line) of developer tools and software libraries. The emphasis of his work was placed on X.509-capable libraries, such as OpenSSL, GnuTLS and NSS, paying special attention to the process of certificate creation and validation.

Matt Caswell is the President of the OpenSSL Foundation where he is responsible for ensuring the delivery of the OpenSSL Mission. He also has expertise as a software developer, and is a subject matter expert in OpenSSL's SSL/TLS implementation. Matt has been a member of the OpenSSL Library development team for over 10 years and has implemented TLSv1.3 in OpenSSL as well as many other high profile features and capabilities.

Mehri Yahyaei brings over 17 years of expertise in cybersecurity evaluation, software quality assurance, and the application of international standards across both industry and academic environments. Her professional focus encompasses Common Criteria (ISO/IEC 15408), ISO/IEC 27006, FIPS 140-2/3, as well as sector-specific standards in automotive cybersecurity such as ISO/SAE 21434 and ISO 26262.
She is actively engaged in global cybersecurity technical communities. As a member of the United Nations Open-Ended Working Group (OEWG), representing the NGO sector, she contributes to international dialogues on cyber stability and responsible state behavior. Her affiliations span a range of expert forums, including international software and systems engineering committees (such as JTC1/SC27), Common Criteria technical and user communities, and global initiatives promoting diversity and innovation in AI and cybersecurity.
An invited speaker at leading international conferences, including the International Cryptographic Module Conference (ICMC) in 2019 and 2020, and ICCC 2025. Her academic and professional development includes specialized training in cybersecurity engineering, intelligent threat modeling, software quality and security evaluation, uncertainty estimation, and conformity assessment aligned with standards such as ISO/IEC 17025.

See https://baentsch.ch . Key dates (polish/expanded on demand):
MSc CS 1994 U Kaiserslautern, Germany and researcher there until
PhD CS 1997 U Kaiserslautern, Germany, then staff and product manager, at IBM Research Zurich incl. another education as
MBA 2003 U Strathclyde, UK
Since 2021 independent security software freelancer in the FOSS space.

A grumpy developer, maintainer and researcher in the area of storage security.
Linux cryptsetup and LUKS maintainer. For more info see https://mbroz.fedorapeople.org/talks/

As a Cybersecurity Engineer at Hughes Network Systems, an EchoStar Company, I contribute to securing vital network systems and digital assets. Outside of my role, I operate as a dedicated security researcher, driven by a profound passion for Linux, cryptography, and infosec. 💻🔐🛡️

Nicholas ('Nick‘) Gates is a Senior Policy Advisor at OFE, where he leads OFE’s research work and works on the EU-funded projects NGI Commons and OSAwards.eu, as well as related research, policy, and advocacy efforts. He specialises in open source funding, open source in the public sector, and open source governance and collaboration dynamics.

Nick has significant experience in digital government policy and research globally, particularly around open source, public goods, public financial management, and digital service delivery. Nick enjoys supporting development partners, governments, and international organisations to deliver on their research, advocacy and convening agendas by using applied research to support policy development around best practices in the use of technology for public good, particularly in the public sector.

Prior to joining OFE, Nick helped launch the Digital Public Finance Hub, a new learning initiative around the digital transformation of public finance, as a consultant at Public Digital. He began his career working on research, policy, and advocacy at the Digital Impact Alliance — conducting research on topics including national digital transformation processes, open-source in government, and digital transformation policy — and was a Fellow at the Portulans Institute.

Nick holds an undergraduate dual degree from the University of Massachusetts Lowell in Political Science and History, and graduated with an MSc in Global Development from the University of Copenhagen in 2018.

Dr. Nicky Mouha works as a Contractor at the Computer Security Division of NIST, specializing in the analysis, implementation and standardization of cryptographic algorithms. He discovered vulnerabilities in the cryptographic software of billions of devices: CVE-2019-8741 and CVE-2022-37454. Furthermore, he is the designer of Chaskey, which is a MAC algorithm that is internationally standardized under ISO/IEC 29192-6. He is also the inventor of the MILP and SAT-based techniques that have now become the standard tools to analyze the security of cryptographic algorithms against attacks such as differential and linear cryptanalysis.

Nicolas Dupont is the Founder and CEO of Cyborg, a company pioneering Confidential AI. Their main product, CyborgDB, is an end-to-end encrypted vector database (which uses OpenSSL primitives) to make Confidential AI inference a reality.

A Doctoral Researcher at Tampere University (Finland), I contributed to OpenSSL for the first time in 2010, later I had the honor of becoming an OpenSSL Committer and I have been serving in the OpenSSL Technical Committee since 2019. Since the last election, I also serve as representative for Academics in the Business Advisory Committee at the OpenSSL Foundation, and in the newly formed Technical Advisory Committees at OpenSSL Foundation and Corporation.

My research specializes in software and micro architecture side-channel analysis and the integration of modern cryptosystems (lately mainly PQC) in mainstream libraries such as OpenSSL.
I am leading the efforts of Tampere University within the QUBIP Horizon Europe project to integrate PQC into OpenSSL, NSS, and Firefox using loadable modules.

I've worked with or on Kerberos for about 28 years, and I've worked on Heimdal for about 15 years. I'm a Sun Microsystems, Inc. alumnus, and have worked for banks and hedge funds as a consultant and employee. I am also an erstwhile jq and Heimdal maintainer.

Nikita Snetkov is a junior researcher at Cybernetica AS and industrial PhD student at TalTech. His research interests are post-quantum cryptography, threshold cryptography and internet voting.

Nikita is a scalable vector existence…

which may be described as somewhat of a material world version of SVGs: adaptable and accurate. She came up with this original tagline after making incredible amounts of original SVG designs.

Today, you will find her as a software engineer at Cisco, but her journey in tech began as a mechanical engineer at IIT Roorkee. Nikita gained experience in open-source and design by working as the Outreachy 2022 summer intern with Fedora and later as a consultant with Software Freedom Conservancy. She has brushed upon the field of FinTech in the past as a part of J.P. Morgan Chase Quant Research Mentee and became the top team from India in WorldQuant Alphathon 2022. She had interned at Cisco, India as a Technical intern in the summer of 2023 and continued with them as a full time software engineer for the IoT team.

Her creative spirit lies with her art and music. She plays the Sitar, Flute or keys sometimes and also likes to work with all forms of art from sketching to sculpting; from digital to physical. Being an INTJ, she is a detail-oriented person and likes to organize & plan her tasks out. Her drive lies in exploring new fields and picking up new skills.

Norman Ashley is a technical lead engineer at Cisco Systems. He is a member of the Common Security Modules team responsible for development Cisco's common cryptographic library, a FIPS and Common Criteria validated library. Norman also serves on and contributes to the Linux Foundation Post Quantum Cryptography Alliance and the Open Quantum Safe Project.

Pat leads Chainguard's Guarded OS team. She's passionate about operating systems, software at scale, unicorns and working with amazing people from all over the world. Before this current awesome gig, she worked at Google, InfluxData, Canonical and the IBM Linux Technology Center. She works from her basement office in Portland, Oregon.

Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled

OpenSSL Committer since 2018 and one OpenSSL Corporation TAC member. A partner of a Chinese start-up in the music industry that utilized OpenSSL to keep its customers' data safe, like songs, music videos or even lyrics.

Peter Gutmann is a researcher in the Department of Computer Science at the University of Auckland working on design and analysis of cryptographic security architectures, security usability, and embedded systems security. He helped write the popular PGP encryption package, has authored a number of papers and RFC's on security and encryption including serving as the final editor of the world's longest-running security RFC, RFC 8894, and is the author of the open source cryptlib security toolkit, the book "Cryptographic Security Architecture: Design and Verification", and an upcoming book "Engineering Security".

Peter Schmidberger works as a Product Owner in the Business Stream "Cross Technologies" at Mercedes-Benz Tech Innovation (MBTI). His goal is to provide a secure and stable product with an agile DevOps Scrum team for Mercedes-Benz. Peter gained experience at smart Europe and afterwards in the retail area of Mercedes-Benz for a dealer management system. For the last 6 years, he has been responsible for the development and operation of the automotive PKI within MBTI.

Rabia Bajwa is a seasoned professional in cybersecurity, boasting over 12+ years of focused experience in Cyber Governance, Risk, and Compliance (GRC) and data protection. Widely recognized for her expertise in cybersecurity governance, risk oversight, compliance, data privacy, and AI security, she has worked closely with numerous federal and private organizations throughout Dubai and the Middle East region to enhance their cybersecurity infrastructures, ensure compliance with regulatory standards, and develop robust security strategies. Based in Canada, Rabia provides strategic consulting services to companies in the UAE, with a current emphasis on integrating AI-powered solutions to enhance risk management and streamline compliance processes for entities. With impressive academic achievements, Rabia holds a Master’s degree in Cybersecurity and Threat Intelligence (MCTI) from Canada, alongside a Master’s in Project Management (MPM) and a Bachelor’s degree in Telecommunication Engineering. Her credentials are further bolstered by a strong array of industry certifications, including CISSP, CISM, CEH, ISO 27001 Lead Implementer, and ITIL. In addition to her consulting work, Rabia actively engages with the cybersecurity and tech community. She serves as the Director of Event Management for the Threat Modeling Connect (TMC) Toronto Chapter, where she promotes cooperation and advances practices in threat modeling. Moreover, she is an active member of several prominent organizations, including the ISACA Toronto Chapter, the ISC2 Toronto Chapter, Women in CyberSecurity (WiCyS), and Women in AI Governance (WAI-G), and serves as a Global AI Delegate for the UAE region.

Radana Dungelova studied American literature but did not pursue a career in the field. She spent seven years at the Partnership Foundation, and before becoming Director of the Brno Zoo last September, she spent four years in a leadership role at the city’s Department of International Cooperation. She has long been personally engaged in raising awareness about issues related to animals living in their natural habitats and the protection of ecosystems.

Radek is a member of the .NET Networking team which maintains the .NET networking stack. His responsibilities include maintaining the System.Net.Security namespace, which includes integration of OpenSSL to provide a user friendly TLS abstraction in the form of SslStream.

My name is Ranjan Kathuria, and I am currently a Staff Cloud Security Engineer / Cloud Security Architect at Rubrik, a recognized leader in Data Backup and Data Security. Based in San Francisco, I lead Rubrik’s cloud security program, drawing on nearly a decade of experience in the information security field. I have served as a founding security engineer twice, building security programs from the ground up, and I am passionate about advancing the industry through both hands-on engineering and research. My achievements include being ranked as the #1 security researcher for Hubspot and Quora’s Bug Bounty programs, and I am the inventor on a pending patent for efficient vulnerability analysis over backups – https://patents.google.com/patent/US20230376605A1/en
I also have had past experience in presenting my work with AWS some years back – https://www.youtube.com/watch?v=Bd4pTqAuvBQ

Reinhard Buendgen studied computer science at the universities of Karlsruhe and Delaware in Newark, DE. In 1991 he earned a Ph.D. in computer science at the University of Tuebingen. Until 1997 he worked at the University of Tuebingen as a researcher and lecturer. He joined IBM in 1997 where he held positions in software development, project management and as software development architect in the areas of parallel computing and RAS & High Availability for Linux on System Z. Currently he is a Senior Technical Staff Member at IBM being the Chief Architect Confidential Computing & Crypto Enablement for Linux on IBM Z and LinuxONE.

Reza Azarderakhsh, Ph.D., is a Full Professor in the Department of Electrical and Computer Engineering and Computer Science at Florida Atlantic University and the Founder and CEO of PQSecure Technologies. His research focuses on cryptographic engineering with an emphasis on post-quantum cryptography, side-channel and fault attack protections, and efficient hardware/software co-design for embedded systems. He has more than 140 publications in the field of cryptographic engineering and secure protocol design, with a focus on post-quantum cryptography. Dr. Azarderakhsh has extensive experience in implementing and securing PQC algorithms such as ML-KEM and ML-DSA on constrained platforms like ARM and FPGA. He actively contributes to the standardization and deployment of post-quantum cryptography and has played a leading role in transitioning quantum-safe solutions from research to practical, real-world applications.

Rob Duhart is a seasoned CISO with 20+ years of experience in technology, cybersecurity, and risk management. He is a strategic leader with deep expertise in building and managing security frameworks. Rob has led large-scale initiatives in information security, compliance, and network management across diverse industries. He is currently CISO for Oracle Cloud Infrastructure, one of the largest cloud security providers in the world. Rob is a collaborative leader who strongly supports working closely with open source.

Rodrigo Martín Sánchez-Ledesma is a Senior R&D Cryptography Engineer at Indra Sistemas de Comunicaciones Seguras, with experience both in pre-quantum and Post-Quantum Cryptography, his area of expertise. He is also an Industrial PhD candidate, focused on the algebraic aspects of PQC, specifically Algebraic Number Theory and Lattice-based cryptography.

His work experience is focused around the research, development and secure deployment of pre-quantum and post-quantum cryptography in real applications and protocols, mainly regarding secure communications.

Software engineer and consultant with 10+ years of experience in the web development industry. Passionate about client side encryption and initial poster of OEIS sequence number A342754.

Shankar is a telecommunications researcher and open-source leader specializing in 5G Core and ORAN technologies. Currently serving as Governing Board Member at Linux Foundation and Technical Steering Committee Representative for the 5G Super Blueprint project, he collaborates with industry leaders from Deutsche Telekom, Ericsson, Nokia, Verizon, and other major telecom companies.

With 4+ years of intensive 5G Core experience, Shankar is a recognized expert in ORAN Split 7.2 implementations and eBPF integration within User Plane Functions. His technical expertise spans multiple open-source platforms including Open5GS, free5gc, OAI, SD-Core, and Magma, where he has performed extensive testing, validation, and architectural design.

As a former CTO, Shankar architected and deployed private 5G solutions from scratch, demonstrating his ability to translate complex technical concepts into production-ready systems. His strategic leadership has resulted in 12+ collaborative partnerships with organizations including ONF, Magma Foundation, and TARS Foundation.

Shankar's technical skills encompass end-to-end ORAN testing with L1/L2/L3 stacks and commercial radios, DPDK-based 5G core benchmarking, and disaggregated RAN/core deployments. He has actively contributed to the open-source community, successfully implementing L3AF on Windows and speaking at prestigious events including LFN Developer Forum in Budapest and CNCF events in Delhi.

His unique combination of technical depth and strategic leadership has enabled him to secure three major deals through open-source community recognition, establishing him as a trusted voice in telecommunications and cloud computing innovation.

Shubham is a solution architect with four years of experience in the telecom industry. He is currently serving as the Mentor in the LFDT'25 mentorship program and has co-founded a startup and an open source community. His expertise lies in RAN architecture and 5G security, with a particular focus on integrating emerging technologies including post-quantum cryptography, blockchain, eBPF, and cloud-native tools into the telecom infrastructure.

Sridhar is currently working as Principal Security Architect within Product Security Group @ NetApp. With over 25 years in software industry, Sridhar is inventor/co-inventor for 16 US Patents and published 11 Conference papers till date.

Sridhar's area of expertise includes Storage and Information Security, Security Assurance, Cryptography, Secure Software Development Lifecycle, Secure Protocols, and Storage Management. Sridhar holds a Master's degrees in Physics and Electrical Engineering.

Public Profile:

https://www.linkedin.com/in/sridhar-balasubramanian-9701881

Stephan has been working in security since 1993, when he was loosely associated with the team that developed PGP 2.0. Until about ten years ago, he was interested in any and all facets of security, but the field has both broadened and deepened, so he sadly concedes that he can no longer keep up with everything. So he is now focusing on IoT security and on poking holes in security fashion statements.

Stephen Farrell is a research fellow in the School of Computer Science and Statistics at Trinity College Dublin where he teaches and researches on security and delay/disruption-tolerant networking (DTN), and in 2006 co-authored the first book on the latter topic. He is a co-founder of Tolerant Networks Limited , a TCD campus company. Tolerant Networks are currently funded by OTF to implement the draft Encrypted ClientHello (ECH) specification in the DEfO project.

Principal Software Engineer at Intel. Specialist in high performance, secure software for network, cryptographic and embedded applications. Software architect for Intel's QAT cryptographic and compression accelerator.

Hi, I’m Tanishq Javvaji — Cyber Security Analyst with proven expertise in incident response, threat detection, and digital forensics across cloud and on-premises environments. I have a strong track record of optimizing SIEM and EDR tools-such as Splunk, Elastic Security, and Cortex XSOAR-to reduce false positives and improve response times, achieving measurable improvements in operational efficiency and security posture.

My hands-on experience includes leading investigations of major security incidents, automating IR playbooks, and integrating threat intelligence to proactively defend against advanced threats. I have successfully managed and triaged hundreds of alerts across Windows, Linux, and MacOS endpoints, utilizing frameworks like MITRE ATT&CK and the Cyber Kill Chain to drive effective remediation and containment.

I am passionate about leveraging automation, cloud-native technologies (AWS, Azure, GCP), and scripting (Python, Bash, PowerShell) to streamline security operations and enable scalable, resilient solutions. My background also includes GRC assessments, compliance (NIST, CIS, HIPAA, GDPR, PCI-DSS, ISO 27001), and mentoring junior analysts to build high-performing security teams.

Certified in CEH, GCIH, Security+, and eJPT, I thrive in fast-paced environments where clear communication, technical rigor, and continuous learning are essential to success. I am eager to contribute my expertise to organizations seeking to enhance their security programs and proactively address emerging cyber threats.

Tarique Aman Aziz is a Software Engineering Manager at Red Hat, currently working in the Data and AI team with a strong emphasis on Applied AI and secure inference systems. He brings deep expertise in Model Context Protocol (MCP), Multi-Agent orchestration, and the architectural foundations of modern AI applications.
Formerly leading Red Hat’s Innovation Office, Tarique has a proven track record in designing scalable, production-grade systems using technologies like Quarkus, Apache Camel, and Kogito.
His current focus blends applied research and real-world engineering, particularly around AI, model orchestration, and privacy-preserving inference using open tools like OpenSSL.

Tim Hudson has over 30 years of experience in system and network security. He is the Chief Technology Officer at Cryptsoft Pty Ltd, based in Brisbane, Australia, where he provides strategic guidance on security architecture and the integration of cryptographic technologies. Since 1995, Tim has worked extensively with SSL/TLS, helping adapt secure communication protocols across a wide range of platforms. He co-founded the RSA Security Australia development centre, where he led the development and FIPS 140 validation of the RSA BSAFE cryptographic toolkits. Tim is the President of the OpenSSL Corporation, a member of the OpenSSL Corporation Board of Directors and Technical Committees, and an active OpenSSL committer. He also contributes to global cryptographic standards as a co-editor for multiple OASIS specifications, including KMIP and PKCS#11. He has spoken at leading security conferences including RSA Conference, AusCERT, ICMC, and LinuxConf, and continues to play an active role in the development of secure systems and open standards.

Tomas Gustavsson is the Chief PKI Officer at Keyfactor. Tomas has an MSc from KTH in Stockholm and has been researching and implementing PKI systems since 1994. He is the founder of the open-source enterprise PKI project EJBCA and still get into development from time to time, a contributor to numerous open-source projects, and a member of the board of Open Source Sweden.

As a co-founder of PrimeKey, Tomas is passionate about helping users worldwide find the best possible PKI and digital signature solutions.

Ugo Chirico is a cybersecurity expert and entrepreneur with over 20 years of experience in cryptographic systems, secure middleware, and identity verification technologies. He is the founder and CEO of Cyberneid, a leading company in digital identity and smart card integration, and Quantum2Pi, a startup focused on post-quantum and quantum cryptography.

Ugo has developed critical software infrastructure used by national electronic ID systems and has deep expertise in smart cards, middlewares, PKI, FIDO, and OpenSSL-based implementations. He has recently focused on quantum-safe technologies, including the integration of Kyber and Dilithium within OpenSSL.

As the architect behind Qgram, an end-to-end encrypted messaging system using post-quantum cryptography, Ugo brings real-world experience in deploying PQC in production environments.

He is a frequent speaker at cybersecurity and cryptography events, and actively contributes to European initiatives for PQC standardization and migration.

Václav (Vashek) Matyáš is a Professor at Masaryk University, Brno, heading its Centre for Research on Cryptography and Security. His research interests relate to applied cryptography and security; he has published over 200 peer-reviewed papers and articles. He worked also with Cybernetica, Red Hat Czech, CyLab at Carnegie Mellon University, as a Fulbright-Masaryk Visiting Scholar at Harvard University, Microsoft Research Cambridge, University College Dublin, Ubilab at UBS AG, and as a Royal Society Postdoctoral Fellow with the Cambridge University Computer Lab. Vashek also worked on the Common Criteria and in ISO/IEC JTC1 SC27. He can be contacted at matyas AT fi.muni.cz.

Contributor to Postfix since 2001, primary maintainer of its TLS stack. Active user of OpenSSL since ~2006. Active contributor to OpenSSL since 2016, in particular author of OpenSSL DANE support with a general focus on the X.509 verification code and its use in TLS. Member of OpenSSL OMC from ~2016-2019. More recently actively contributed to the integration of ML-KEM and ML-DSA into OpenSSL 3.5. Other technical areas of expertise include SMTP email and DNS.

Dr. Vladimir Soukharev is VP of Cryptographic R&D at InfoSec Global, a Keyfactor Company. He is focused on cryptographic research and development and is inspired by continuous innovation. Vladimir obtained his Ph.D. from the University of Waterloo’s David R. Cheriton School of Computer Science, specializing in cryptography, security and privacy under the supervision of David Jao. He was part of the Centre for Applied Cryptographic Research, CryptoWorks21 and has contributed and published works at world-renowned conferences and in journals, such as PQCrypto, Financial Cryptography and the Journal of Mathematical Cryptology. Since completing his formal studies in 2016, he has dedicated his work life to advancing the knowledge and application of cutting-edge cryptography and cyber security technologies to protect vital information and communications in complex, highly regulated environments. Vladimir is leading and managing the cryptographic R&D at InfoSec Global, with main focus on Post-Quantum Cryptography, Cryptographic Agility, and Cryptographic Discovery & Analytics. He is also contributing to and is part of government initiatives and standards related to PQC and cryptographic migration, which include NCCoE, NIST, and Quantum-Safe Canada.

William Bellingrath, Software Engineer Staff, Cybersecurity R&D, Juniper Networks

William has been part of the team that handles the core security libraries and applications across Juniper Network's network portfolio for the past 7 years. He leads the major OpenSSL upgrades in the company's networking operating systems.

Yaroslav Rosomakho is Chief Scientist at Zscaler, where he leads research and innovation in secure networking, infrastructure resiliency, protocol design, and post-quantum cryptography. He is an active contributor to the IETF, currently chairing the HPKE Working Group and contributing to TLS, QUIC, MASQUE, and HTTP. Yaroslav has authored and co-authored several Internet-Drafts focused on enhancing the security of long-lived encrypted sessions and enabling scalable identity frameworks. Prior to Zscaler, he served as Field CTO at Netskope and held various technical leadership roles at Arbor Networks. His current focus is on building cryptographically resilient systems for the next generation of cloud and zero-trust architectures.

Dr. Yi Ouyang is the Director of Software Development at Oracle, where he leads the Oracle Crypto Foundation team. In this role, he oversees the design and implementation of critical security technologies, including network security, data encryption, and authentication systems that help safeguard Oracle’s infrastructure and products.
Dr. Ouyang earned his Ph.D. in Computer Science from Dartmouth College in New Hampshire, USA, in 2008. His doctoral research concentrated on encryption key management, data protection, and privacy in sensor networks, and his work has been featured in several prestigious international conferences.
Since joining Oracle, Dr. Ouyang has been instrumental in the development of numerous security products and features, contributing to Oracle’s reputation as a global leader in enterprise security solutions.

I received my Ph.D. from the Institute of Software, Chinese Academy of Sciences (ISCAS), and have been working at Alibaba Group and Ant Group as a security expert since 2020.
My research interests include cryptographic protocols and the implementation of cryptographic primitives.