all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild. (arXiv:2209.11103v1 [cs.CR])

Add to bookmarks
Sept. 23, 2022, 1:24 a.m. | Anna-Katharina Wickert, Lars Baumgärtner, Krishna Narasimhan, Michael Schlichtig, Mira Mezini

cs.CR updates on arXiv.org arxiv.org

Recent studies have revealed that 87 % to 96 % of the Android apps using
cryptographic APIs have a misuse which may cause security vulnerabilities. As
previous studies did not conduct a qualitative examination of the validity and
severity of the findings, our objective was to understand the findings in more
depth. We analyzed a set of 936 open-source Java applications for cryptographic
misuses. Our study reveals that 88.10 % of the analyzed applications fail to
use cryptographic APIs securely. …

critical crypto fix study

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

IDEA: Invariant Defense for Graph Adversarial Robustness 3 hours ago | arxiv.org
adversarial arxiv cs.cr cs.lg +4
BELT: Old-School Backdoor Attacks can Evade the State-of-the-Art Defense with Backdoor Exclusivity Lifting 3 hours ago | arxiv.org
art arxiv attackers attacks +19
ZTD$_{JAVA}$: Mitigating Software Supply Chain Vulnerabilities via Zero-Trust Dependencies 3 hours ago | arxiv.org
accelerate application application development arxiv +26
A Generative Framework for Low-Cost Result Validation of Machine Learning-as-a-Service Inference 3 hours ago | arxiv.org
applications arxiv as-a-service cost +23
PA-Boot: A Formally Verified Authentication Protocol for Multiprocessor Secure Boot 3 hours ago | arxiv.org
arxiv attack attacks attack surface +18
FairCMS: Cloud Media Sharing with Fair Copyright Protection 3 hours ago | arxiv.org
arxiv cloud cloud platform copyright +16
Efficient unitary designs and pseudorandom unitaries from permutations 3 hours ago | arxiv.org
algorithm arxiv construction cs.cr +9
Efficient and Near-Optimal Noise Generation for Streaming Differential Privacy 3 hours ago | arxiv.org
arxiv cs.cc cs.cr cs.ds +11
Privacy-Preserving Statistical Data Generation: Application to Sepsis Detection 3 hours ago | arxiv.org
application artificial artificial intelligence arxiv +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Digital Trust Cyber Transformation Senior

@ KPMG India | Mumbai, Maharashtra, India
View on infosec-jobs.com

Security Consultant, Assessment Services - SOC 2 | Remote US

@ Coalfire | United States
View on infosec-jobs.com

Sr. Systems Security Engineer

@ Effectual | Washington, DC
View on infosec-jobs.com

Cyber Network Engineer

@ SonicWall | Woodbridge, Virginia, United States
View on infosec-jobs.com

Security Architect

@ Nokia | Belgium
View on infosec-jobs.com
View more jobs