Time to Separate from StackOverflow and Match with ChatGPT for Encryption
Cryptography is known as a challenging topic for developers. We studied StackOverflow posts to identify the problems that developers encounter when using Java Cryptography Architecture (JCA) for symmetric encryption. We investigated security risks that are disseminated in these posts, and we examine...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Journal Article |
| Language: | English |
| Published: |
10-06-2024
|
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Abstract | Cryptography is known as a challenging topic for developers. We studied
StackOverflow posts to identify the problems that developers encounter when
using Java Cryptography Architecture (JCA) for symmetric encryption. We
investigated security risks that are disseminated in these posts, and we
examined whether ChatGPT helps avoid cryptography issues. We found that
developers frequently struggle with key and IV generations, as well as padding.
Security is a top concern among developers, but security issues are pervasive
in code snippets. ChatGPT can effectively aid developers when they engage with
it properly. Nevertheless, it does not substitute human expertise, and
developers should remain alert. |
|---|---|
| AbstractList | Cryptography is known as a challenging topic for developers. We studied
StackOverflow posts to identify the problems that developers encounter when
using Java Cryptography Architecture (JCA) for symmetric encryption. We
investigated security risks that are disseminated in these posts, and we
examined whether ChatGPT helps avoid cryptography issues. We found that
developers frequently struggle with key and IV generations, as well as padding.
Security is a top concern among developers, but security issues are pervasive
in code snippets. ChatGPT can effectively aid developers when they engage with
it properly. Nevertheless, it does not substitute human expertise, and
developers should remain alert. |
| Author | Ghafari, Mohammad Firouzi, Ehsan |
| Author_xml | – sequence: 1 givenname: Ehsan surname: Firouzi fullname: Firouzi, Ehsan – sequence: 2 givenname: Mohammad surname: Ghafari fullname: Ghafari, Mohammad |
| BackLink | https://doi.org/10.48550/arXiv.2406.06164$$DView paper in arXiv |
| BookMark | eNotz71OwzAYhWEPMEDhApj4biDBjn9CRhSVUqmoSM0efXZsxaKxI2O19O4phendjs5zS65CDJaQB0ZL8SwlfcL07Q9lJagqqWJK3JB15ycLOcLOzpgwW3ApTrDLaD63B5vcPh4BwwDvmM0IR59HaEfMq48OXEywDCad5uxjuCPXDvdf9v6_C9K9Lrv2rdhsV-v2ZVOgqkUhaV3pihnTqMqqgQnJFQo3OD44ac9h2iJrUFNVc43np7USjbaON8Y4TvmCPP7NXiz9nPyE6dT_mvqLif8AS5xIrg |
| ContentType | Journal Article |
| Copyright | http://creativecommons.org/licenses/by/4.0 |
| Copyright_xml | – notice: http://creativecommons.org/licenses/by/4.0 |
| DBID | AKY GOX |
| DOI | 10.48550/arxiv.2406.06164 |
| DatabaseName | arXiv Computer Science arXiv.org |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: GOX name: arXiv.org url: http://arxiv.org/find sourceTypes: Open Access Repository |
| DeliveryMethod | fulltext_linktorsrc |
| ExternalDocumentID | 2406_06164 |
| GroupedDBID | AKY GOX |
| ID | FETCH-LOGICAL-a674-5072b21cc962e6d14536a4fdf3df5edf31bea19ab0673ba4067649bef39ccf303 |
| IEDL.DBID | GOX |
| IngestDate | Tue Jun 18 04:50:31 EDT 2024 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a674-5072b21cc962e6d14536a4fdf3df5edf31bea19ab0673ba4067649bef39ccf303 |
| OpenAccessLink | https://arxiv.org/abs/2406.06164 |
| ParticipantIDs | arxiv_primary_2406_06164 |
| PublicationCentury | 2000 |
| PublicationDate | 2024-06-10 |
| PublicationDateYYYYMMDD | 2024-06-10 |
| PublicationDate_xml | – month: 06 year: 2024 text: 2024-06-10 day: 10 |
| PublicationDecade | 2020 |
| PublicationYear | 2024 |
| Score | 1.9249007 |
| SecondaryResourceType | preprint |
| Snippet | Cryptography is known as a challenging topic for developers. We studied
StackOverflow posts to identify the problems that developers encounter when
using Java... |
| SourceID | arxiv |
| SourceType | Open Access Repository |
| SubjectTerms | Computer Science - Cryptography and Security |
| Title | Time to Separate from StackOverflow and Match with ChatGPT for Encryption |
| URI | https://arxiv.org/abs/2406.06164 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://sdu.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwdV25TgMxEB2RVDQIBCicmoJ2Ae8ab1yikIMCgpQU6SIfYwWBNigHx98z9gZBQ2XJdjNje97zMc8AF0qZgqxWmS1dmckgBMdBaTJv2wz4wWtL8Sh7MCofJ-27bpTJwZ9cGLP4fH6v9YHt8irCzSUjjpINaOR5fLLVH07qy8kkxbXp_9uPOWaq-gMSvV3Y2bA7vK2HYw-2qNqH-5hmgas5jigJbRPGnA5kmudehjyTwuv8A3lDjw8cFmcYT0axMzOr_tMYmVJit3KLr7SyD2Dc6447g2zzg0FmVCkz5lq5zYVzWuWkvJA3hTIy-FD4cENcCEtGaGPjbzHWsBGlkuydUGjnAoPLITSreUUtQKYF5CTv3yQpqbzTRCFo8m0jTSmDOoJWsnv6VotUTKNLpsklx_83ncB2ziAdnz6J61NorhZrOoPG0q_Pk6e_AaEufQw |
| link.rule.ids | 228,230,782,887 |
| linkProvider | Cornell University |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Time+to+Separate+from+StackOverflow+and+Match+with+ChatGPT+for+Encryption&rft.au=Firouzi%2C+Ehsan&rft.au=Ghafari%2C+Mohammad&rft.date=2024-06-10&rft_id=info:doi/10.48550%2Farxiv.2406.06164&rft.externalDocID=2406_06164 |