Nikhil Patnaik, Joseph Hallett, and Awais Rashid, University of Bristol
Green and Smith propose ten principles to make cryptography libraries more usable, but to what extent do the libraries implement these principles? We undertook a thematic analysis of over 2400 questions and responses from developers seeking help with seven cryptography libraries on Stack Overflow; analyzing them to identify 17 underlying usability issues and studying see how prevalent they were across the seven libraries. Mapping our usability issues to Green and Smith’s usability principles we identify 4 usability smells where the principles are not being observed. We suggest improvements library developers can make to reduce the smells and how we can make cryptography libraries more usable for all.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Nikhil Patnaik and Joseph Hallett and Awais Rashid},
title = {Usability Smells: An Analysis of {Developers{\textquoteright}} Struggle With Crypto Libraries},
booktitle = {Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019)},
year = {2019},
isbn = {978-1-939133-05-2},
address = {Santa Clara, CA},
pages = {245--257},
url = {https://www.usenix.org/conference/soups2019/presentation/patnaik},
publisher = {USENIX Association},
month = aug
}
