The conference confirmed a key thesis: cryptography is no longer just a technical detail; it is a strategic domain that directly impacts a startup’s ability to scale, attract investment, and ensure compliance. The mix of attendees, from giants like Intel, Microsoft, and SAP to local startup players and academics, created an ideal forum for discussions that will shape cybersecurity globally.
Why should every tech startup care? Here are the three main trends that will determine your competitive edge:
1) Quantum Agility: How to Survive the ‘Quantum Leap’ (PQC)
The threat of quantum computers is not a matter of “if,” but “when.” For startups handling long-lived data (e.g., in FinTech or HealthTech), Post-Quantum Cryptography (PQC) is now essential for investor due diligence.
- Tanja Lange (Eindhoven University of Technology), a PQC expert, presented real-world solutions for automated PQC End-to-End Tunnels—showing how to migrate quickly and securely.
- Karthik Bhargavan focused on “High Assurance Post-Quantum Cryptography,” the foundation for earning the trust of the banking and regulatory sector, which is mandatory for scaling.
- David Hook (KeyBouncy Castle) unveiled the impact of PQC on library interoperability. PQC is a crucial investment that gives a startup a time advantage and eliminates future technological debt.
2) Speed and Innovation: Time-to-Market in the Cloud
In the startup world, transaction speed and rapid feature deployment are critical. The talks demonstrated how to maximize efficiency from OpenSSL, the core of nearly every secure connection.
- Legendary cryptographer Daniel J. Bernstein (University of Illinois Chicago) confirmed that code optimization in encryption has a direct impact on speed and reliability.
- Tomáš Mráz in his talk on “Performance Tuning With OpenSSL,” showed how even minor tweaks lead to a dramatic acceleration of transactions—and thus, reduced hardware costs.
- For Cloud-Native startups, the talk by Ranjan Kathuria on “Building a Cloud-Native Private CA with OpenSSL and CloudHSM” was indispensable. It provided a blueprint for a secure, self-service PKI architecture—the basis for safe, rapid scaling.
- Bill Buchanan (the first cryptographer awarded the Order of the British Empire) presented the future of data: Homomorphic Encryption (FHE) and Zero-Knowledge Proofs (ZKP). These technologies have the potential to fundamentally change how data is analyzed and shared while maintaining absolute privacy—an enormous investment and innovation opportunity for new products.
3) Risk & Compliance: Access to Enterprise Clients
For a startup looking to land a major corporate client, Compliance and risk management are the absolute entry key. Legal and regulatory topics were therefore one of the most heavily attended tracks:
- The panel discussion with Hayden Delaney, Lina Böcker, and Tereza Formanová underscored the legal risks of poorly managed open-source code. The message was clear: technological debt quickly translates into a legal and financial liability.
- Ashley Pusey in her presentation “From Bug to Breach: Legal Lessons in Cryptographic Failures,” shared concrete lessons from cases where cryptographic failure led to legal disputes.
- Jason Lawlor (Lightship Security) shared the know-how for FIPS 140-3 certification. Obtaining this certification is often key to entering the market for client data and government contracts.
- Rodrigo Panchiniak Fernandes dissected the implications of the NIS2 framework—a critical regulatory requirement for suppliers of services to critical infrastructure.
Prague: A Global Crypto-Hub
The OpenSSL Conference 2025 confirmed that critical technological discussions are happening in Prague. The event, which forged consensus for the future operation and mission of the OpenSSL project, delivered both practical know-how for today and a strategic vision for tomorrow.
And the best news? The rumors were true: the OpenSSL Conference will be held in Prague again next year. It was a cryptographic journey that will fundamentally influence how we invest in security, Compliance, and above all, how startups can scale in the coming years.
