crypto_lib: Comparing and selecting cryptography libraries (long version of EICC 2022 publication)

03/30/2022
by   Jan Wohlwender, et al.
0

Selecting a library out of numerous candidates can be a laborious and resource-intensive task. We present the crypto_lib index, a tool for decision-makers to choose the best fitting cryptography library for a given context. To define our index, 15 library attributes were synthesized from findings based on a literature review and interviews with decision-makers. These attributes were afterwards validated and weighted via an online survey. In order to create the index value for a given library, the individual attributes are assessed using given evaluation criteria associated with the respective attribute. As a proof of concept and to give a practical usage example, the derivation of the crypto_lib values for the libraries Bouncy Castle and Tink are shown in detail. Overall, by tailoring the weighting of the crypto_lib attributes to their current use case, decision-makers are enabled to systematically select a cryptography library fitting best to their software project at hand in a guided, repeatable and reliable way.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
05/26/2020

Selecting third-party libraries: The practitioners' perspective

The selection of third-party libraries is an essential element of virtua...
research
02/13/2019

The artist libraries project

The creation of the Artist Libraries Project was sparked by the observat...
research
11/02/2021

Dazed and Confused: What's Wrong with Crypto Libraries?

Recent studies have shown that developers have difficulties in using cry...
research
07/05/2022

iLibScope: Reliable Third-Party Library Detection for iOS Mobile Apps

Vetting security impacts introduced by third-party libraries in iOS apps...
research
09/26/2022

Too Many Options: A Survey of ABE Libraries for Developers

Attribute-based encryption (ABE) comprises a set of one-to-many encrypti...
research
12/23/2013

Predictive User Modeling with Actionable Attributes

Different machine learning techniques have been proposed and used for mo...

Please sign up or login with your details

Forgot password? Click here to reset