Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability

Our paper suggests an adapted algorithm that can report error chains between API misuses. The empirical study on 471 GitHub repositories showed that 50% of projects are affected by connected cryptographic API misuses. Further, the runtime overhead is minimal, and developers appreciate the adaption.

March 2024 · Anna-Katharina Wickert, Michael Schlichtig, Marvin Vogel, Lukas Winter, Mira Mezini, Eric Bodden

Securing Your Crypto-API Usage Through Tool Support - A Usability Study

Our user study shows that the Eclipse plugin CogniCrypt reduces misuses and speeds development, enhancing security and efficiency for cryptographic API usage. Through a controlled experiment with 24 Java developers, we found that CogniCrypt significantly improves code security and development speed for cryptography-related tasks. Developers appreciate CogniCrypt’s code generation and static analysis, though integrating the generated code remains a challenge.

October 2023 · Stefan Krüger, Michael Reif, Anna-Katharina Wickert, Sarah Nadi, Karim Ali, Eric Bodden, Mira Mezini, Yasemin Acar, Sascha Fahl

Algebraic Replicated Data Types: Programming Secure Local-First Software

This paper presents programming support for local-first applications, enabling automatic synchronization and end-to-end encryption using algebraic data types. It addresses challenges in availability, privacy, and security, ensuring data integrity and eventual consistency without complex solutions.

July 2023 · Christian Kuessner, Ragnar Mogk, Anna-Katharina Wickert, Mira Mezini

UNGOML: Automated Classification of unsafe Usages in Go

UNGOML, an automated classifier for Go’s unsafe package, uses deep learning to classify the purpose of unsafe usages. It achieves over 86% accuracy, aiding in tasks like refactoring and security audits by identifying what is done with the unsafe package and why.

May 2023 · Anna-Katharina Wickert, Clemens Damke, Lars Baumgärtner, Eyke Hüllermeier, Mira Mezini

To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild

An empirical study of cryptographic misuses in enterprise-driven applications that identified several potential effective false positives, such as the use of hash algorithms in a non-security context. Further, we introduced a theoretical model of vulnerabilities caused by API misuses.

December 2022 · Anna-Katharina Wickert, Lars Baumgärtner, Michael Schlichtig, Krishna Narasimhan, Mira Mezini