Helping Johnny encrypt: toward semantic interfaces for cryptographic frameworks

@inproceedings{Indela2016HelpingJE,
  title={Helping Johnny encrypt: toward semantic interfaces for cryptographic frameworks},
  author={Soumya Indela and Mukul Kulkarni and Kartik Nayak and Tudor Dumitras},
  booktitle={Onward!},
  year={2016}
}
Several mature cryptographic frameworks are available, and they have been utilized for building complex applications. However, developers often use these frameworks incorrectly and introduce security vulnerabilities. This is because current cryptographic frameworks erode abstraction boundaries, as they do not encapsulate all the framework-specific knowledge and expect developers to understand security attacks and defenses. Starting from the documented misuse cases of cryptographic APIs, we… CONTINUE READING
Related Discussions
This paper has been referenced on Twitter 1 time. VIEW TWEETS

Citations

Publications citing this paper.
Showing 1-3 of 3 extracted citations

References

Publications referenced by this paper.
Showing 1-10 of 10 references

An End-to-End Measurement of Certificate Revocation in the Web's PKI

Internet Measurement Conference • 2015
View 6 Excerpts
Highly Influenced

SoK: Secure Messaging

2015 IEEE Symposium on Security and Privacy • 2015
View 7 Excerpts
Highly Influenced

Transitions: Recommendation for transitioning the use of cryptographic algorithms and key lengths

E. Barker, A. Roginsky
Technical Report 800-131A Revision 1, NIST Special Publication, • 2015
View 8 Excerpts
Highly Influenced

The most dangerous code in the world: validating SSL certificates in non-browser software

ACM Conference on Computer and Communications Security • 2012
View 18 Excerpts
Highly Influenced

An empirical study of cryptographic misuse in android applications

ACM Conference on Computer and Communications Security • 2013
View 7 Excerpts
Highly Influenced

Rethinking SSL development in an appified world

ACM Conference on Computer and Communications Security • 2013
View 8 Excerpts
Highly Influenced

The security impact of a new cryptographic library

IACR Cryptology ePrint Archive • 2011
View 4 Excerpts
Highly Influenced

How to design a good API and why it matters

OOPSLA Companion • 2006
View 2 Excerpts
Highly Influenced

Similar Papers

Loading similar papers…