To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild-Reference-Cited by-同舟云学术

To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild

Published:2022-12 Issue: Volume: Page:
ISSN:
Container-title:2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
language:
Short-container-title:

Author:

Wickert Anna-Katharina¹,Baumgärtner Lars¹,Schlichtig Michael²,Narasimhan Krishna¹,Mezini Mira¹

Affiliation:

1. Technische Universität Darmstadt,Darmstadt,Germany

2. Paderborn University,Heinz Nixdorf Institute,Paderborn,Germany

Publisher

IEEE

Link

http://xplorestaging.ieee.org/ielx7/10063338/10063342/10063348.pdf?arnumber=10063348

Reference28 articles.

1. Crysl: An extensible approach to validating the correct usage of cryptographic apis;krüger;IEEE TSE-Transactions of Software Engineering,2019

2. Side channel attacks on cbc encrypted messages in the pkcs# 7 format;klima;IACR Cryptol ePrint Arch,2003

3. icryptotracer: Dynamic analysis on misuse of cryptography functions in ios applications;li;International Conference on Network and System Security NSS,2015

4. Why does cryptographic software fail?

5. Why don’t software developers use static analysis tools to find bugs?;johnson;International Conference on Software Engineering ICSE,2013

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. "False negative - that one is going to kill you": Understanding Industry Perspectives of Static Analysis based Security Testing;2024 IEEE Symposium on Security and Privacy (SP);2024-05-19

2. Building a Framework to Improve the User Experience of Static Analysis Tools;Proceedings of the 2024 IEEE/ACM 46th International Conference on Software Engineering: Companion Proceedings;2024-04-14

3. Certificate Reuse in Android Applications;Lecture Notes in Computer Science;2023