CryptoColumns

Authors: (1) Mohammadreza Hazhirpasand, University of Bern, Bern, Switzerland; (2) Oscar Nierstrasz, University of Bern, Bern, Switzerland; (3) Mohammad Ghafari, University of Auckland, Auckland, New Zealand. Table of Links Abstract—Recent studies have shown that developers have difficulties in using cryptographic APIs, which often led to security flaws. We are interested to tackle this matter by looking into what types of problems exist in various crypto libraries. We manually studied 500 posts on Stack Overflow associated

Authors: (1) Mohammadreza Hazhirpasand, University of Bern, Bern, Switzerland; (2) Oscar Nierstrasz, University of Bern, Bern, Switzerland; (3) Mohammad Ghafari, University of Auckland, Auckland, New Zealand. Table of Links IV. THREATS TO VALIDITY We selected 25 posts from each crypto library. This may not be a representative sample of the whole population; however, we were particularly interested in the common themes of issues in various libraries, not just one library. We selected the latest posts

Authors: (1) Mohammadreza Hazhirpasand, University of Bern, Bern, Switzerland; (2) Oscar Nierstrasz, University of Bern, Bern, Switzerland; (3) Mohammad Ghafari, University of Auckland, Auckland, New Zealand. Table of Links VII. ACKNOWLEDGMENTS We gratefully acknowledge the financial support of the Swiss National Science Foundation for the project “Agile Software Assistance” (SNSF project No. 200020-181973, Feb. 1, 2019 – April 30, 2022). We also thank CHOOSE, the Swiss Group for Original and Outside-the-box Software Engineering of the

Table of Links VII. THREATS TO VALIDITY We had not the possibility to conduct an on-site experiment due to the COVID-19 pandemic. The participants themselves had to record the time spent on each task. It is possible that how each participant calculated the time varies from the actual time. We mitigated this issue by explaining how to measure the time. Each participant had to read a task, comprehend basic concepts, and then start the task.