The Community for Technology Leaders
2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE) (2017)
Urbana, IL, USA
Oct. 30, 2017 to Nov. 3, 2017
ISBN: 978-1-5386-3976-4
pp: 931-936
Stefan Kruger , Paderborn University, Germany
Sarah Nadi , University of Alberta, Canada
Michael Reif , Technische Universität Darmstadt, Germany
Karim Ali , University of Alberta, Canada
Mira Mezini , Technische Universität Darmstadt, Germany
Eric Bodden , Paderborn University, Germany
Florian Gopfert , Technische Universität Darmstadt, Germany
Felix Gunther , Technische Universität Darmstadt, Germany
Christian Weinert , Technische Universität Darmstadt, Germany
Daniel Demmler , Technische Universität Darmstadt, Germany
Ram Kamath , Technische Universität Darmstadt, Germany
ABSTRACT
Previous research suggests that developers often struggle using low-level cryptographic APIs and, as a result, produce insecure code. When asked, developers desire, among other things, more tool support to help them use such APIs. In this paper, we present CogniCrypt, a tool that supports developers with the use of cryptographic APIs. CogniCrypt assists the developer in two ways. First, for a number of common cryptographic tasks, CogniCrypt generates code that implements the respective task in a secure manner. Currently, CogniCrypt supports tasks such as data encryption, communication over secure channels, and long-term archiving. Second, CogniCrypt continuously runs static analyses in the background to ensure a secure integration of the generated code into the developer's workspace. This video demo showcases the main features of CogniCrypt: youtube.com/watch?v=JUq5mRHfAWY.
INDEX TERMS
Tools, Ciphers, Encryption, Java
CITATION

S. Kruger et al., "CogniCrypt: Supporting developers in using cryptography," 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE), Urbana, IL, USA, 2017, pp. 931-936.
doi:10.1109/ASE.2017.8115707
194 ms
(Ver 3.3 (11022016))