CryptoGo: Automatic Detection of Go Cryptographic API Misuses-Reference-Cited by-同舟云学术

CryptoGo: Automatic Detection of Go Cryptographic API Misuses

Published:2022-12-05 Issue: Volume: Page:
ISSN:
Container-title:Proceedings of the 38th Annual Computer Security Applications Conference
language:
Short-container-title:

Author:

Li Wenqing¹^ORCID,Jia Shijie¹^ORCID,Liu Limin¹^ORCID,Zheng Fangyu¹^ORCID,Ma Yuan¹^ORCID,Lin Jingqiang²^ORCID

Affiliation:

1. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Acadamy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China

2. School of Cyber Security, University of Science and Technology of China, China

Publisher

ACM

Link

https://dl.acm.org/doi/pdf/10.1145/3564625.3567989

Reference52 articles.

1. Nadhem J AlFardan , Daniel J Bernstein , Kenneth G Paterson , Bertram Poettering , and Jacob CN Schuldt . 2013 . On the security of RC4 in TLS and WPA . In USENIX Security Symposium, Vol. 173 . Nadhem J AlFardan, Daniel J Bernstein, Kenneth G Paterson, Bertram Poettering, and Jacob CN Schuldt. 2013. On the security of RC4 in TLS and WPA. In USENIX Security Symposium, Vol. 173.

2. Amit Seal Ami , Nathan Cooper , Kaushal Kafle , Kevin Moran , Denys Poshyvanyk , and Adwait Nadkarni . 2022 . Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniques. In 2022 IEEE Symposium on Security and Privacy (SP). IEEE, 614–631 . Amit Seal Ami, Nathan Cooper, Kaushal Kafle, Kevin Moran, Denys Poshyvanyk, and Adwait Nadkarni. 2022. Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniques. In 2022 IEEE Symposium on Security and Privacy (SP). IEEE, 614–631.

3. Recommendation for key management:

4. Daniel J Bernstein 2008 . ChaCha, a variant of Salsa20 . In Workshop record of SASC, Vol. 8 . Lausanne, Switzerland, 3–5. Daniel J Bernstein 2008. ChaCha, a variant of Salsa20. In Workshop record of SASC, Vol. 8. Lausanne, Switzerland, 3–5.

5. On the Practical (In-)Security of 64-bit Block Ciphers

Cited by 7 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. API Misuse Detection via Probabilistic Graphical Model;Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis;2024-09-11

2. Examining Cryptography and Randomness Failures in Open-Source Cellular Cores;Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy;2024-06-19

3. Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability;2024 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER);2024-03-12

4. JWTKey: Automatic Cryptographic Vulnerability Detection in JWT Applications;Lecture Notes in Computer Science;2024

5. Towards Discovering Quantum-Threats for Applications Using Open-Source Libraries;Lecture Notes in Computer Science;2024