Developers Are Users Too: Designing Crypto and Security APIs That Busy Engineers and Sysadmins Can Use Securely

Matthew Green, Johns Hopkins University, and Matthew Smith, Rheinische Friedrich-Wilhelms-Universität Bonn

Abstract: 

Over the past several years a number of new cryptographic libraries and APIs have become available to developers. These libraries promise to greatly increase the use of cryptography on the web and in the cloud, but they often do so at a cost. In this workshop we will attempt to outline a new paradigm for cryptographic API development that treats normal developers, rather than cryptographers, as the primary consumer -- and treats developer use as a critical failure mode, rather than a regrettable failure.

To begin this discussion, we will present several case studies of existing APIs that have seen widespread real-world misuse, and we will attempt to characterize the key failings that created these situations. We will also discuss the contributing factors that led to these conditions, including standards bodies, lack of formal testing requirements, and the expressiveness/safety tradeoff. We will then consider the base requirements for a "developer safe" regime of library and API development that reduces the possibility of misuse. Towards this end we will also consider a number of APIs that have been successful in this regard, and work to distill these lessons into formal recommendations. Finally, we will discuss whether we as a community need to adopt techniques from the HCI community when designing cryptographic APIs and libraries.

BibTeX
@conference {208780,
author = {Matthew Green and Matthew Smith},
title = {Developers Are Users Too: Designing Crypto and Security {APIs} That Busy Engineers and Sysadmins Can Use Securely},
year = {2015},
address = {Washington, D.C.},
publisher = {USENIX Association},
month = aug
}
