English
Related papers

Related papers: How Usable are Rust Cryptography APIs?

200 papers

Increasing number of cyber-attacks demotivate people to use Information and Communication Technology (ICT) for industrial as well as day to day work. A main reason for the increasing number of cyber-attacks is mistakes that programmers make…

Cryptography and Security · Computer Science 2018-10-12 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

Rust is a promising programming language that focuses on concurrency, usability, and security. It is used in production code by major industry players and got recommended by government bodies. Rust provides strong security guarantees…

Cryptography and Security · Computer Science 2025-05-06 David Paaßen , Jens-Rene Giesen , Lucas Davi

Previous research has shown that crypto APIs are hard for developers to understand and difficult for them to use. They consequently rely on unvalidated boilerplate code from online resources where security vulnerabilities are common. We…

Cryptography and Security · Computer Science 2019-08-06 Mohammadreza Hazhirpasand , Mohammad Ghafari , Stefan Krüger , Eric Bodden , Oscar Nierstrasz

For library developers, understanding how their Application Programming Interfaces (APIs) are used in the field can be invaluable. Knowing how clients are using their APIs allows for data-driven decisions on prioritising bug reports,…

Software Engineering · Computer Science 2025-06-16 Ahmed Zaki , Cristian Cadar

Lack of usability of security Application Programming In- terfaces (APIs) is one of the main reasons for mistakes that programmers make that result in security vulnerabilities in software applications they develop. Especially, APIs that…

Cryptography and Security · Computer Science 2018-05-25 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

Advances in quantum computing increasingly threaten the security and privacy of data protected by current cryptosystems, particularly those relying on public-key cryptography. In response, the international cybersecurity community has…

Cryptography and Security · Computer Science 2026-02-17 Marthin Toruan , R. D. N. Shakya , Samuel Tseitkin , Raymond K. Zhao , Nalin Arachchilage

Rust aims to be a safe programming language applicable to systems programming applications. In particular, its type system has strong guardrails to prevent a variety of issues, such as memory safety bugs and data races. However, these…

Programming Languages · Computer Science 2024-10-04 Alex Le Blanc , Patrick Lam

The correct adoption of cryptography APIs is challenging for mainstream developers, often resulting in widespread API misuse. Meanwhile, cryptography misuse detectors have demonstrated inconsistent performance and remain largely…

Cryptography and Security · Computer Science 2024-09-11 Ehsan Firouzi , Mohammad Ghafari , Mike Ebrahimi

We present a usability study of the Ascon 1.2 family of cryptographic algorithms. As far as we know, this is the first published experimental evaluation aimed at a cryptographic design (i.e. not a specific API) with the purpose of informing…

Human-Computer Interaction · Computer Science 2023-07-17 Arne Padmos

Developers rely on third-party library Application Programming Interfaces (APIs) when developing software. However, libraries typically come with assumptions and API usage constraints, whose violation results in API misuse. API misuses may…

Software Engineering · Computer Science 2026-04-17 Akalanka Galappaththi , Sarah Nadi , Christoph Treude

The Rust programming language restricts aliasing to provide static safety guarantees. However, in certain situations, developers need to bypass these guarantees by using a set of unsafe features. If they are used incorrectly, these features…

Software Engineering · Computer Science 2026-03-09 Ian McCormack , Tomas Dougan , Sam Estep , Hanan Hibshi , Jonathan Aldrich , Joshua Sunshine

REST is today's most widely used architectural style for providing web-based services. In the age of service-orientation (a.k.a. Software as a Service (SaaS)) APIs have become core business assets and can easily expose hundreds of…

Software Engineering · Computer Science 2026-01-26 Sven Peldszus , Jan Rutenkolk , Marcel Heide , Jan Sollmann , Benjamin Klatt , Frank Köhne , Thorsten Berger

Embedded software is used in safety-critical systems such as medical devices and autonomous vehicles, where software defects, including security vulnerabilities, have severe consequences. Most embedded codebases are developed in unsafe…

Cryptography and Security · Computer Science 2024-09-06 Ayushi Sharma , Shashank Sharma , Santiago Torres-Arias , Aravind Machiry

Rust aims to offer full memory safety for programs, a guarantee that untamed C programs do not enjoy. How difficult is it to translate existing C code to Rust? To get a complementary view from that of automatic C to Rust translators, we…

Software Engineering · Computer Science 2024-12-09 Ruishi Li , Bo Wang , Tianyu Li , Prateek Saxena , Ashish Kundu

In Rust, unsafe code is the sole source of potential undefined behaviors. To avoid misuse, Rust developers should clarify the safety properties for each unsafe API. However, the community currently lacks a key standard for safety…

Programming Languages · Computer Science 2026-04-28 Zihao Rao , Jiping Zhou , Hongliang Tian , Xin Wang , Hui Xu

Rust is a popular programming language in building various low-level software in recent years. It aims to provide safe concurrency when implementing multi-threaded software through a suite of compiler checking rules. Unfortunately, there is…

Programming Languages · Computer Science 2019-02-07 Zeming Yu , Linhai Song , Yiying Zhang

Prior research has shown that cryptography is hard to use for developers. We aim to understand what cryptography issues developers face in practice. We clustered 91954 cryptography-related questions on the Stack Overflow website, and…

Cryptography and Security · Computer Science 2021-08-17 Mohammadreza Hazhirpasand , Oscar Nierstrasz , Mohammadhossein Shabani , Mohammad Ghafari

Advanced type systems that enforce various correctness and safety guarantees--such as linear and ownership types--have a long history in the Programming Languages research community. Despite this history, a human-centered evaluation of…

Programming Languages · Computer Science 2023-01-09 Kasra Ferdowsi

Rust is a general-purpose programming language that is both type- and memory-safe. Rust does not use a garbage collector, but rather achieves these properties through a sophisticated, but complex, type system. Doing so makes Rust very…

Software Engineering · Computer Science 2022-02-16 Michael Coblenz , Michelle Mazurek , Michael Hicks

RESTful APIs are a type of web services that are widely used in industry. In the last few years, a lot of effort in the research community has been spent in designing novel techniques to automatically fuzz those APIs to find faults in them.…

Software Engineering · Computer Science 2022-07-11 Man Zhang , Andrea Arcuri