Jayati Dev, Comcast Cable
Large organizations depend on cryptography for security and compliance with existing standards yet often lack a reliable understanding of where cryptographic assets actually exist. "Assets", like, certificates, keys, algorithms, and protocols are scattered across source code, network traffic, infrastructure, and third‑party systems, frequently managed by different teams. This lack of visibility makes it difficult to assess cryptographic risk and create a well-informed plan to migrate to newer quantum-resistant algorithms. Post-quantum readiness largely depends on what we can observe – we cannot fix cryptography that we cannot see. This talk presents XIPHER, a scalable approach to cryptographic inventory. We discuss XIPHER as a methodology and a suite of tools that can build scalable inventory of cryptographic assets to help with current and future compliance with encryption standards.
Jayati Dev is a cybersecurity researcher working at the intersection of policy and emerging technologies at Comcast. She leads the inventorying workstream for the Post-Quantum Cryptography (PQC) Center of Excellence, building tools and solutions for encryption compliance. She also supports the public policy workstream, working on various areas of emerging tech policy like PQC. Jayati holds a PhD in Security Informatics from Indiana University Bloomington where she worked on privacy-preserving technologies in conversational platforms. She has also been a Google Public Policy fellow in cybersecurity policy and a co-lead researcher in a National Science Foundation multi-year investigation into IoT privacy.
