Abstract | ||
---|---|---|
Previous research suggests that developers often struggle using low-level cryptographic APIs and, as a result, produce insecure code. When asked, developers desire, among other things, more tool support to help them use such APIs. In this paper, we present CogniCrypt, a tool that supports developers with the use of cryptographic APIs. CogniCrypt assists the developer in two ways. First, for a number of common cryptographic tasks, CogniCrypt generates code that implements the respective task in a secure manner. Currently, CogniCrypt supports tasks such as data encryption, communication over secure channels, and long-term archiving. Second, CogniCrypt continuously runs static analyses in the background to ensure a secure integration of the generated code into the developer’s workspace. This video demo showcases the main features of CogniCrypt: youtube.com/watch?v=JUq5mRHfAWY.
|
Year | Venue | Keywords |
---|---|---|
2017 | ASE | Cryptography, Code Generation, Variability Modeling, Code Analysis |
Field | DocType | ISSN |
Static program analysis,World Wide Web,Workspace,Computer science,Cryptography,Communication channel,Encryption,Code generation,Java | Conference | 1527-1366 |
ISBN | Citations | PageRank |
978-1-5386-2684-9 | 5 | 0.41 |
References | Authors | |
18 | 11 |
Name | Order | Citations | PageRank |
---|---|---|---|
Stefan Krüger | 1 | 14 | 3.70 |
Sarah Nadi | 2 | 375 | 24.37 |
Michael Reif | 3 | 21 | 2.38 |
Karim Ali | 4 | 190 | 12.96 |
Mira Mezini | 5 | 3171 | 211.04 |
Eric Bodden | 6 | 2017 | 107.73 |
Florian Göpfert | 7 | 64 | 4.96 |
Felix Günther | 8 | 105 | 8.14 |
Christian Weinert | 9 | 21 | 4.41 |
Daniel Demmler | 10 | 128 | 7.16 |
Ram Kamath | 11 | 5 | 0.41 |