From Struggle to Simplicity with a Usable and Secure API for Encryption in Java

Ehsan Firouzi; Ammar Mansuri; Mohammad Ghafari; Maziar Kaveh

From Struggle to Simplicity with a Usable and Secure API for Encryption in Java

Ehsan Firouzi, Ammar Mansuri, Mohammad Ghafari, Maziar Kaveh

TL;DR

SafEncrypt is an API that streamlines encryption tasks for Java developers, built on top of the native Java Cryptography Architecture, and it shields developers from crypto complexities and erroneous low-level details.

Abstract

Cryptography misuses are prevalent in the wild. Crypto APIs are hard to use for developers, and static analysis tools do not detect every misuse. We developed SafEncrypt, an API that streamlines encryption tasks for Java developers. It is built on top of the native Java Cryptography Architecture, and it shields developers from crypto complexities and erroneous low-level details. Experiments showed that SafEncrypt is suitable for developers with varying levels of experience.

From Struggle to Simplicity with a Usable and Secure API for Encryption in Java

TL;DR

Abstract

Paper Structure (29 sections, 1 figure, 6 tables)

This paper contains 29 sections, 1 figure, 6 tables.

Introduction
Related Work
Developer Challenges
Methodology
Results
Key Initialization
Initialization Vector (IV)
Padding & Encoding
Encryption Mode.
Key transmission
Discussion
Security.
Interoperability.
Exceptions
SafEncrypt
...and 14 more sections

Figures (1)

Figure 1: Average Time and Difficulty for Different Tasks

From Struggle to Simplicity with a Usable and Secure API for Encryption in Java

TL;DR

Abstract

From Struggle to Simplicity with a Usable and Secure API for Encryption in Java

Authors

TL;DR

Abstract

Table of Contents

Figures (1)