FIPS 140-2 in BEAM apps

Download slides

Erlang's crypto module has supported a "FIPS mode" since release 20.0. Drew will discuss why you may care about FIPS 140-2 encryption, ways to integrate it into your tests suites and gotchas to compliance. He will discuss how simply putting crypto in FIPS mode is not enough.

Learn how dependencies and built-in libraries can sneak non-FIPS crypto into your application. Drew will also cover some general techniques to detect security issues in your code.

OBJECTIVES

  • Familiarize audience with FIPS 140-2 cryptography mode and why they may care about it
  • Provide examples of how to validate a BEAM application's compatibility with FIPS 140-2 mode enabled

TARGET AUDIENCE

  • Software vendors that have the US Federal government as a potential customer
  • Software developers looking to validate that their application runs without dependencies on insecure cryptographic algorithms
Drew Varner

Drew Varner

Back to all media

Code Sync and Erlang Solutions uses cookies to personalise your experience. By using this site you consent to the use of cookies Cookie Policy

Got it
×