SecAppDev 2025 - Cryptography

A technical introduction to Verifiable Credentials, highlighting use cases, implementation lessons, interoperability profiles, and recent updates to the related specifications.

Key takeaway: Interoperability in the wallet model requires aligned choices across the stack that meet use case requirements in terms of UX, security, privacy, etc.

This talk covers PKI technologies, their role in web security, key failures and fixes (e.g., EV, pinning, transparency), and the impact of eIDAS 2.0 on EU PKI services and upcoming European Digital Identity Wallets.

Key takeaway: PKI is a core technology that are essential to secure large open systems; surprisingly, it is technically complex and presents governance challenges.

MPC, FHE and ZKP are complementary COED technologies that provide different flavours of confidentiality and verifiability within different trust settings and threat models. Often, neither one of them is a miracle solution alone.

Key takeaway: Preserving data confidentiality during computation is a real-world possibility given the right choice and combination of COED tools.

Post-Quantum Cryptography (PQC) answers the threat posed by quantum computers. We cover the status of PQC standards and national agencies' and EU recommendations. We conclude with performance benchmarks and crypto agility challenges.

Key takeaway: 2025 is a good year to start the 10-year post-quantum migration journey

Explore the architecture, governance, and real-world implementation of Germany’s EUDI Wallet ecosystem within the EU Digital Identity Framework.

Key takeaway: National-scale digital identity is built on both compliance and collaboration - Germany’s EUDI Wallet shows how strategy meets technical execution.