@inproceedings{609c1d92925740e382821dd3760cc1a5,
title = "Usability and Security Effects of Code Examples on Crypto APIs",
abstract = "Context: Cryptographic APIs are said to be not usable and researchers suggest to add example code to the documentation. Aim: We wanted to create a free platform for cryptographic code examples that improves the usability and security of created applications by non security experts. Method: We created the open-source web platform CryptoExamples and conducted a controlled experiment where 58 students added symmetric encryption to a Java program. We then measured the usability and security. Results: The participants who used the platform were not only significantly more effective (+73%) but also their code contained significantly less possible security vulnerabilities (-66 %). Conclusions: With CryptoExamples the gap between hard to change API documentation and the need for complete and secure code examples can be closed. Still, the platform needs more code examples.",
author = "Kai Mindermann and Stefan Wagner",
note = "Publisher Copyright: {\textcopyright} 2018 IEEE.; 16th Annual Conference on Privacy, Security and Trust, PST 2018 ; Conference date: 28-08-2018 Through 30-08-2018",
year = "2018",
month = oct,
day = "29",
doi = "10.1109/PST.2018.8514203",
language = "English",
series = "2018 16th Annual Conference on Privacy, Security and Trust, PST 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
editor = "Deng, {Robert H.} and Stephen Marsh and Jason Nurse and Rongxing Lu and Sakir Sezer and Paul Miller and Liqun Chen and Kieran McLaughlin and Ali Ghorbani",
booktitle = "2018 16th Annual Conference on Privacy, Security and Trust, PST 2018",
}