- OpenSSL Conference 2025 in Prague highlighted cryptography as a strategic factor for startups
- 450 participants from 25+ countries attended, bridging technical, legal, and business expertise
- Advances like Post-Quantum Cryptography, Fully Homomorphic Encryption, and Zero-Knowledge Proofs were discussed for future-proofing security
- Open source transparency combined with compliance efforts is poised to make cryptography accessible and trustworthy
On October 7–9th, Prague became the global hub for cryptography and digital security as the city hosted the OpenSSL Conference 2025. The event brought together 450 participants from over 25 countries, including leading cryptographers, regulators, lawyers, managers, and key developers. More than 40% of speakers came from North America, reflecting the conference’s global reach.
The gathering reinforced a crucial insight: cryptography is no longer merely a technical tool—it has become a strategic factor that directly influences startups’ ability to scale, attract investment, and maintain compliance. Attendees ranged from industry giants like Intel, Microsoft, and SAP to local startups and academics, creating a unique forum for knowledge exchange and discussions that are poised to shape the future of global cybersecurity.
Highlighting Next-Generation Cryptography Standards
ITKeyMedia approached OpenSSL Corporation’s director Anton Arapov to dive into the Conference’s mission and ethos, as well as the overall state and perspectives of cryptography.
First of all, the OpenSSL project has long been at the heart of global internet security. How does the community balance the open-source ethos of transparency with the growing pressure from regulators and enterprise clients for formal assurance and certification?
Anton Arapov: Transparency has always been at the core of the OpenSSL Project’s DNA. Our code, discussions, and decisions are open for anyone to see. This openness helps people trust the software on which they depend. At the same time, the world now expects stronger evidence that systems are reliable and secure.
We’re adding more structured testing, certification work, and clear documentation, all while keeping the process public. Our transparency and assurance go hand in hand, and anyone can see how we build reliability. We invite companies, regulators, and individuals to be part of this open approach to trustworthy security.
What unique qualities—academic, cultural, or industrial—made Prague an ideal location for the Conference shaping the future of global cryptography and open security standards?
AA: Prague was the right place and natural choice for our conference as the OpenSSL Corporation has its headquarters in Brno and most of the team is based in the Czech Republic. This city combines deep academic roots, an active research community, and a spirit of openness, — all things that reflect what we stand for. With its mix of history and innovation, Prague captured the spirit of our event: connecting people who are shaping the future of cryptography and open security.
And located in the heart of Europe, it also makes travel easier for many participants.
The OpenSSL Conference 2025 gathered cryptographers, lawyers, and business leaders under one roof. Did you learn about any communication gaps between technical experts and executives? And how exactly can conferences like this help bridge that divide?
Anton Arapov, Director at OpenSSL Corporation
AA: Strong security depends on both technical precision and a clear strategy. Engineers focus on the details of how systems work, while executives focus on managing risks, responsibilities, and setting long-term direction. When both groups come together, they make better decisions. That’s one goal of our conference — creating a space where technical experts, policymakers, and business leaders can speak the same language. In doing so, we strengthen not only our systems but the trust that holds the entire security ecosystem together.
The Conference highlighted the legal implications of open-source use. How is the OpenSSL community adapting to a world where compliance requirements (like NIS2) increasingly shape how open-source code is built, distributed, and maintained?
AA: New regulations, such as Europe’s NIS2 Directive, bring more focus on accountability and documentation, and that’s a positive step. The OpenSSL community is refining its own processes to match these standards:
- Deeper testing and review steps,
- Clearer release processes,
- Public records that show how secure software is built.
We believe compliance and openness can work together. We invite organizations to help define how open-source security can meet modern legal and safety expectations without losing the openness that makes it strong.
It was emphasized that cryptography is now a strategic scaling factor for startups. How do smaller companies practically contribute to the OpenSSL ecosystem, which is often dominated by big players like Microsoft or Intel?
AA: The OpenSSL Library depends on contributions from organizations of all sizes. Large businesses offer resources, stability, and long-term support, while small businesses bring flexibility, fresh ideas, and testing across unique environments. Through our advisory committees and open community channels, everyone can share feedback directly, and every voice is heard. We want the OpenSSL Library to stay open and accessible to all and guided by the collective insight of all who rely on it, large or small, technical or not.
Bill Buchanan OBE, Professor at the Edinburgh Napier University, Fellow of the Royal Society of Edinburgh
Prof. Bill Buchanan and others discussed Homomorphic Encryption (FHE) and Zero-Knowledge Proofs (ZKP) as future-defining technologies. How do you envision OpenSSL evolving to support privacy-preserving computation—not just secure transmission?
AA: New technologies like Fully Homomorphic Encryption (FHE) and Zero-Knowledge Proofs (ZKP) could change online privacy. They’re still developing, but they show what’s next for data protection.
At the OpenSSL Corporation, we’re closely following these advances to be ready when they become practical and reliable, so we can build what’s in our nature: open, trusted, and well-reviewed security tools. We strive to ensure that everyone, regardless of who they are, where they are, or what they believe, has access to the tools they need for security and privacy. And if these technologies become the new norm, we should be there to make them accessible to all.
Looking ahead, with cryptographic systems growing more complex, how does one avoid a talent gap? Can OpenSSL become more approachable for developers who aren’t cryptography specialists but need to use it safely?
AA: Cryptography can be complex, but using it shouldn’t have to be. Enhancing documentation, examples, and APIs, we’re making the OpenSSL Library safer and more intuitive for every developer, even those who aren’t cryptography experts. Our community also helps people learn from each other.
By sharing knowledge openly, we make security skills more accessible to all and prevent a talent gap in the years ahead. When knowledge is shared openly, trust grows, and that principle guides everything we do.
The OpenSSL Conference 2025 in Prague illustrated how cryptography is no longer just a technical necessity but a strategic pillar for innovation, compliance, and trust in the digital world. By bringing together experts from diverse sectors, the event fostered collaboration, knowledge-sharing, and forward-looking discussions that will shape the future of secure technology. As advances like Post-Quantum Cryptography, Fully Homomorphic Encryption, and Zero-Knowledge Proofs continue to evolve, gatherings like this ensure that both startups and established players are prepared to build a safer, more resilient digital ecosystem.
Kostiantyn is a freelance writer from Crimea but based in Lviv. He loves writing about IT and high tech because those topics are always upbeat and he’s an inherent optimist!
