Erlang's crypto module has supported a "FIPS mode" since release 20.0. Drew will discuss why you may care about FIPS 140-2 encryption, ways to integrate it into your tests suites and gotchas to compliance. He will discuss how simply putting crypto in FIPS mode is not enough.

Learn how dependencies and built-in libraries can sneak non-FIPS crypto into your application. Drew will also cover some general techniques to detect security issues in your code.

OBJECTIVES

Familiarize audience with FIPS 140-2 cryptography mode and why they may care about it

Provide examples of how to validate a BEAM application's compatibility with FIPS 140-2 mode enabled

TARGET AUDIENCE