Developers deserve security warnings, too: on the effect of integrated security advice on cryptographic API misuse

Cryptographic API misuse is responsible for a large number of software vulnerabilities. In many cases developers are overburdened by the complex set of programming choices and their security implications. Past studies have identified significant challenges when using cryptographic APIs that lack a certain set of usability features (e. g. easy-touse documentation or meaningful warning and error messages) leading to an especially high likelihood of writing functionally correct but insecure code.