English
Related papers

Related papers: ChatGPT's Potential in Cryptography Misuse Detecti…

200 papers

Application Programming Interfaces (APIs) often have usage constraints, such as restrictions on call order or call conditions. API misuses, i.e., violations of these constraints, may lead to software crashes, bugs, and vulnerabilities.…

Software Engineering · Computer Science 2018-03-14 Sven Amann , Hoan Anh Nguyen , Sarah Nadi , Tien N. Nguyen , Mira Mezini

Several studies showed that misuses of cryptographic APIs are common in real-world code (e.g., Apache projects and Android apps). There exist several open-sourced and commercial security tools that automatically screen Java programs to…

Cryptography and Security · Computer Science 2021-12-09 Sharmin Afrose , Ya Xiao , Sazzadur Rahaman , Barton P. Miller , Danfeng , Yao

In recent years, artificial intelligence has had a conspicuous growth in almost every aspect of life. One of the most applicable areas is security code review, in which a lot of AI-based tools and approaches have been proposed. Recently,…

Cryptography and Security · Computer Science 2023-08-29 Atieh Bakhshandeh , Abdalsamad Keramatfar , Amir Norouzi , Mohammad Mahdi Chekidehkhoun

Context: Cryptographic APIs are often misused in real-world applications. Therefore, many cryptographic API misuse detection tools have been introduced. However, there exists no established reference benchmark for a fair and comprehensive…

Software Engineering · Computer Science 2022-04-14 Michael Schlichtig , Anna-Katharina Wickert , Stefan Krüger , Eric Bodden , Mira Mezini

Cryptographic (crypto) algorithms are the essential ingredients of all secure systems: crypto hash functions and encryption algorithms, for example, can guarantee properties such as integrity and confidentiality. Developers, however, can…

Cryptography and Security · Computer Science 2020-09-07 Luca Piccolboni , Giuseppe Di Guglielmo , Luca P. Carloni , Simha Sethumadhavan

With the development of blockchain technology, smart contracts have become an important component of blockchain applications. Despite their crucial role, the development of smart contracts may introduce vulnerabilities and potentially lead…

Software Engineering · Computer Science 2025-07-14 Chong Chen , Jianzhong Su , Jiachi Chen , Yanlin Wang , Tingting Bi , Jianxing Yu , Yanli Wang , Xingwei Lin , Ting Chen , Zibin Zheng

Lack of experience, inadequate documentation, and sub-optimal API design frequently cause developers to make mistakes when re-using third-party implementations. Such API misuses can result in unintended behavior, performance losses, or…

Software Engineering · Computer Science 2021-07-13 Sebastian Nielebock , Robert Heumüller , Kevin Michael Schott , Frank Ortmeier

[Background] Previous research has shown that developers commonly misuse cryptography APIs. [Aim] We have conducted an exploratory study to find out how crypto APIs are used in open-source Java projects, what types of misuses exist, and why…

Cryptography and Security · Computer Science 2020-09-03 Mohammadreza Hazhirpasand , Mohammad Ghafari , Oscar Nierstrasz

The use of Large Language Models (LLMs) in software development is rapidly growing, with developers increasingly relying on these models for coding assistance, including security-critical tasks. Our work presents a comprehensive comparison…

Cryptography and Security · Computer Science 2024-11-18 Zohaib Masood , Miguel Vargas Martin

API misuse introduces security vulnerabilities, system failures, and increases maintenance costs, all of which remain critical challenges in software development. Existing detection approaches rely on static analysis or machine…

Software Engineering · Computer Science 2025-09-23 Saikat Mondal , Chanchal K. Roy , Hong Wang , Juan Arguello , Samantha Mathan

Cryptographic API misuse represents a critical vulnerability class that undermines the security foundations of modern software. Yet, it remains largely unexplored in Go despite its dominance in security-critical infrastructure. This paper…

Cryptography and Security · Computer Science 2026-04-28 Vivi Andersson , Martin Monperrus

Security Application Programming Interfaces (APIs) are crucial for ensuring software security. However, their misuse introduces vulnerabilities, potentially leading to severe data breaches and substantial financial loss. Complex API design,…

Cryptography and Security · Computer Science 2025-05-15 Zahra Mousavi , Chadni Islam , M. Ali Babar , Alsharif Abuadbba , Kristen Moore

Issue tracking systems serve as the primary tool for incorporating external users and customizing a software project to meet the users' requirements. However, the limited number of contributors and the challenge of identifying the best…

Software Engineering · Computer Science 2024-02-07 Joy Krishan Das , Saikat Mondal , Chanchal K. Roy

The increasing trend of using Large Language Models (LLMs) for code generation raises the question of their capability to generate trustworthy code. While many researchers are exploring the utility of code generation for uncovering software…

Cryptography and Security · Computer Science 2024-04-08 Zahra Mousavi , Chadni Islam , Kristen Moore , Alsharif Abuadbba , Muhammad Ali Babar

Background: Previous studies have shown that up to 99.59 % of the Java apps using crypto APIs misuse the API at least once. However, these studies have been conducted on Java and C, while empirical studies for other languages are missing.…

Software Engineering · Computer Science 2021-09-03 Anna-Katharina Wickert , Lars Baumgärtner , Florian Breitfelder , Mira Mezini

While the automated detection of cryptographic API misuses has progressed significantly, its precision diminishes for intricate targets due to the reliance on manually defined patterns. Large Language Models (LLMs) offer a promising…

Cryptography and Security · Computer Science 2026-03-19 Yifan Xia , Zichen Xie , Peiyu Liu , Kangjie Lu , Yan Liu , Wenhai Wang , Shouling Ji

Cryptography is known as a challenging topic for developers. We studied StackOverflow posts to identify the problems that developers encounter when using Java Cryptography Architecture (JCA) for symmetric encryption. We investigated…

Cryptography and Security · Computer Science 2024-06-11 Ehsan Firouzi , Mohammad Ghafari

Artificial Intelligence (AI) advancements have enabled the development of Large Language Models (LLMs) that can perform a variety of tasks with remarkable semantic understanding and accuracy. ChatGPT is one such LLM that has gained…

Software Engineering · Computer Science 2024-08-02 M. Mehdi Kholoosi , M. Ali Babar , Roland Croft

The misunderstanding and incorrect configurations of cryptographic primitives have exposed severe security vulnerabilities to attackers. Due to the pervasiveness and diversity of cryptographic misuses, a comprehensive and accurate…

Cryptography and Security · Computer Science 2023-05-16 Cong Sun , Xinpeng Xu , Yafei Wu , Dongrui Zeng , Gang Tan , Siqi Ma , Peicheng Wang

Various studies have empirically shown that the majority of Java and Android apps misuse cryptographic libraries, causing devastating breaches of data security. Therefore, it is crucial to detect such misuses early in the development…

Software Engineering · Computer Science 2017-10-04 Stefan Krüger , Johannes Späth , Karim Ali , Eric Bodden , Mira Mezini
‹ Prev 1 2 3 10 Next ›