Authors
Junwei Luo, Xuechao Yang, Xun Yi, Fengling Han, Iqbal Gondal, Guang-Bin Huang
Publication date
2023/1/30
Book
Proceedings of the 2023 Australasian Computer Science Week
Pages
102-111
Description
Cryptographic misuse such as incorrect use of cipher, key, and other security-related parameters in software products can lead to devastating consequences. While for many developers, the lack of prior experience in applied cryptography could be the cause of crypto misuses, the complexity of a crypto library, bad API design, and the lack of proper documentation and assistant tools are the factors that lead to misuses. In this paper, we conduct a comparative study on cryptographic libraries with regard to their design and usability. We choose nine libraries written in three programming languages as the candidate for the usability study. We pay attention to the design and usability of symmetric encryption APIs with the help of a series of tasks designed to evaluate potential causes of crypto misuses. The experimental results grant us new insights as to what improvements can be made to mitigate crypto misuses and our …
Total citations
Scholar articles
J Luo, X Yang, X Yi, F Han, I Gondal, GB Huang - Proceedings of the 2023 Australasian Computer …, 2023