Outlining the cryptographic FOSS ecosystem

In this project we investigate the contributor structures and attribution practices behind critical cryptographic FOSS implementations. By mapping out who contribute to those projects, what expertise they bring, and how contributions are managed and verified, the study seeks to uncover the social dynamics that influence the robustness of these libraries. Understanding these aspects will contribute to the discussions around the security of critical open-source projects and may derive recommendations for protective measures, policy recommendations, or community-driven interventions for these vital components.

We are still looking for participants for the interview part of our study! More details and how to participate can be found on our project website: Website

Researchers

• Jan-Ulrich Holtgrave | Researcher (CISPA).
• Ivana Trummová | Researcher (LUH, CTU in Prague).
• Principal Investigator Sascha Fahl | Tenured Faculty (CISPA) and Full Professor (Leibniz University Hannover).

Institutions

CISPA Helmholtz-Center for Information Security
https://www.cispa.de/

Leibniz University Hannover
https://www.uni-hannover.de/en/

CTU in Prague
https://fit.cvut.cz/en