Outlining the cryptographic FOSS ecosystem

In this project we investigate the contributor structures and attribution practices behind critical cryptographic FOSS implementations. By mapping out which individuals contribute, what expertise they bring, and how contributions are managed and verified, the study seeks to uncover the social dynamics that influence the robustness of these libraries. Understanding these aspects will contribute to the discussions around the security of critical open-source projects and may derive recommendations for protective measures, policy recommendations, or community-driven interventions for these vital components.

We are still looking for participants for this interview study on the communities behind cryptographic FOSS projects and security challenges that maintaining such software entitle! More details and how to participate can be found on our project website: Projekt Website

Researchers

• Jan-Ulrich Holtgrave | Researcher (CISPA).
• Ivana Trummová | Researcher (LUH, CTU in Prague).
• Principal Investigator Sascha Fahl | Tenured Faculty (CISPA) and Full Professor (Leibniz University Hannover).

Institutions

CISPA Helmholtz-Center for Information Security
https://www.cispa.de/

Leibniz University Hannover
https://www.uni-hannover.de/en/

CTU in Prague
https://fit.cvut.cz/en