Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore emerging open source initiatives for standardizing and detecting cryptographic algorithms in software supply chains through this 14-minute conference talk from the Linux Foundation's Open Source Summit. Learn about the growing importance of cryptographic algorithm management driven by regulatory pressures, quantum computing threats, and security breaches in complex supply chains. Discover how understanding which crypto algorithms your software includes has become crucial for developers and organizations, especially regarding implications for downstream users. Examine two promising open source initiatives: the SPDX Crypto Algorithms List, which aims to standardize crypto algorithm declaration, and the Open Dataset for Keyword-Based Detection, an open dataset for detecting crypto algorithms via keywords useful for automated scanning. Watch a demonstration of a simple proof-of-concept implementation showing how to use these tools in practice. Gain insights into the background behind these efforts, latest developments and future plans, their relevance for security and transparency, and practical guidance on how to use and contribute to these initiatives to enhance existing Bill of Materials (xBOM) generation processes.
