Hurdles for Developers in Cryptography

Prior research has shown that cryptography is hard to use for developers. We aim to understand what cryptography issues developers face in practice. We clustered 91954 cryptography-related questions on the Stack Overflow website, and manually analyzed a significant sample (i.e., 383) of the questions to comprehend the crypto challenges developers commonly face in this domain. We found that either developers have a distinct lack of knowledge in understanding the fundamental concepts, OpenSSL, public-key cryptography or password hashing, or the usability of crypto libraries undermined developer performance to correctly realize a crypto scenario. This is alarming and indicates the need for dedicated research to improve the design of crypto APIs.

READ FULL TEXT
research
11/02/2021

Dazed and Confused: What's Wrong with Crypto Libraries?

Recent studies have shown that developers have difficulties in using cry...
research
08/16/2021

FluentCrypto: Cryptography in Easy Mode

Research has shown that cryptography concepts are hard to understand for...
research
09/30/2021

Crypto Experts Advise What They Adopt

Previous studies have shown that developers regularly seek advice on onl...
research
11/06/2021

Cryptography Vulnerabilities on HackerOne

Previous studies have shown that cryptography is hard for developers to ...
research
09/29/2021

Worrisome Patterns in Developers: A Survey in Cryptography

We surveyed 97 developers who had used cryptography in open-source proje...
research
06/07/2020

Commitment Schemes and Diophantine Equations

Motivated by questions in cryptography, we look for diophantine equation...
research
09/20/2021

Understanding Xacro Misunderstandings

The Xacro XML macro language extends the Universal Robot Description For...

Please sign up or login with your details

Forgot password? Click here to reset