OpenSSL and FIPS - They Are Back Together

Explore the reunion of OpenSSL and FIPS 140-2 validation in this 46-minute RSA Conference talk. Delve into the architectural changes made to OpenSSL to accommodate FIPS validation, the scope of the validation, current status, and post-validation steps. Gain insights from Matthew Caswell, Developer at OpenSSL Software Foundation, and Ashit Vora, Vice President at Acumen Security, as they discuss the industry-significant integration of TLS v1.3 and FIPS in the same OpenSSL release. Learn about the history of OpenSSL and FIPS, FIPS validations to date, OpenSSL 3.0 design and overview, FIPS modules, and the current development and validation status. Understand the post-certification rebranding and certificate maintenance processes. Prerequisite knowledge of OpenSSL architecture, FIPS 140-2 requirements, and cryptography is recommended for optimal comprehension of this technical presentation.

Agenda
History of OpenSSL and FIPS
FIPS Validations to date
FIPS140 Boundary-OpenSSL with STATLIB 2.0
OpenSSL 1.1.1 Recap
OpenSSL 3.0 Design Meeting
OpenSSL 3.0 Overview
OpenSSL 3.0 - Conceptual Component View
OpenSSL 3.0-Packaging View
OpenSSL 3.0 Design Overview
OpenSSL FIPS Modules - Recap
OpenSSL 3.0 and FIPS
OpenSSL 3.0 FIPS Design - High Level
Current Status - OpenSSL 3.0 Schedule
Latest Status
Current Status - Development
Current Status - FIPS Validation
Post Certification - Rebranding
Post Certification - Certificate Maintenance
Apply what you have learned today
Important Links