Is it too late to talk about the International Cryptographic Modules Conference (ICMC)? Well, it really depends on how you look at it. If you were looking for a timely recap of the conference, then yes, I guess it is. But if you missed any of the details, this might be your last chance to catch up. And planning has just begun for next year\u2019s conference, so here\u2019s a chance to get early details of what might be coming up in the future!<\/p>\n

ICMC was held September 24 \u2013 26^{th<\/sup> this year in Gaithersburg, MD. The first day contained pre-conference workshop sessions that offered introductions to FIPS 140-2, side-channel analysis and testing, and discussions about cryptography in a mobile world. The second and third day offered two tracks: the certification program track and the technical track. I\u2019m just going to discuss the conference as a whole and where I believe and hope it is going.\u00a0 If you would like to know more about the presentations, there are already several fantastic recounts of the each workshop and the extremely qualified presenters. Information can also be found on the conference website<\/a>.<\/p>\n}

Unsure of what to expect for a first-time conference, especially one that sounded so technical, I was pleasantly surprised to see the number of representatives from both government (including NIST and CSEC) and private industry (including Blue Coat, McAfee, Symantec, and Cisco).\u00a0 Attendees hailed from across the globe, including the U.S., Canada, the U.K., France, Japan, and Korea.<\/p>\n

The Certification Programs Track, focused on FIPS 140-2 and CMVP validation program requirements and related topics. The technical track dug more into the nitty-gritty of cryptography, including fault injection and key management. \u00a0Presentations ranged from extremely technical, such as the discussions on entropy or Test Vector Leakage Assessments, to the non-technical, \u201cEverything You Wanted To Know About Labs, But Where Afraid To Ask\u201d panel session.\u00a0 Each track was equally attended and offered energetic discussion.\u00a0 There really were some great presentations. We even received an update on FIPS 140-3. More on that in a later blog post.<\/p>\n

A great deal of the credit for such a positive conference experience goes to the host. Atsec Information Security, and Program Chair Fiona Pattinson in particular, did a fantastic job with hosting this conference. Fiona and her team set the informal tone early and kept it relaxed yet on schedule, throughout. It ran smoothly and was intimate, informative, and enjoyable. It was three days of getting together with some of the best minds in cryptography to discuss (and at times disagree about) the subject attendees are passionate about.\u00a0 You know you\u2019ve attended a good conference when you leave thinking about next year.<\/p>\n

As I mentioned, planning for ICMC 2014 is already taking place. Early in October, a survey was sent to the more than 120 registrants from ICMC 2013. Questions soliciting feedback on the sessions and conference location were asked to determine what worked and what could be improved upon for next year. The results were collected and Fiona and a group of 12 others (including myself) have begun a series of conference calls to discuss the who, when, and where of next year\u2019s conference. The committee meets via these calls every two weeks and will continue to do so leading up to the event. The first meeting was held last Friday to discuss the survey results, selecting a location for next year\u2019s conference, dates, and schedule. Although there has been only one meeting, if that one meeting is any indication, ICMC 2014 will be an even bigger success than the inaugural conference.<\/p>\n

To find out more about FIPS 140-2, follow Corsec on Twitter<\/a>, LinkedIn<\/a>, or subscribe to our blog<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Is it too late to talk about the International Cryptographic Modules Conference (ICMC)? Well, it really depends on how you look at it. If you were looking for a timely recap of the conference, then yes, I guess it is. But if you missed any of the details, this might be your last chance to catch up. And planning has just begun for next year\u2019s conference…<\/p>\n","protected":false},"author":2,"featured_media":4400,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[63],"tags":[87,84,81],"class_list":["post-6452","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-industry-updates","tag-entropy","tag-events","infinite-scroll-item","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","no-featured-image-padding"],"yoast_head":"\n