BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Andreas Heinemann

Andreas Heinemann contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and SecurityHuman-Computer InteractionSoftware Engineering

Trust snapshot

Quick read

Trust 15 - UnverifiedVerification L1Unclaimed author
3works
0followers
3topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

3 published item(s)

preprint2022arXiv

$crypto_{lib}$: Comparing and selecting cryptography libraries (long version of EICC 2022 publication)

Selecting a library out of numerous candidates can be a laborious and resource-intensive task. We present the $crypto_{lib}$ index, a tool for decision-makers to choose the best fitting cryptography library for a given context. To define our index, 15 library attributes were synthesized from findings based on a literature review and interviews with decision-makers. These attributes were afterwards validated and weighted via an online survey. In order to create the index value for a given library, the individual attributes are assessed using given evaluation criteria associated with the respective attribute. As a proof of concept and to give a practical usage example, the derivation of the $crypto_{lib}$ values for the libraries Bouncy Castle and Tink are shown in detail. Overall, by tailoring the weighting of the $crypto_{lib}$ attributes to their current use case, decision-makers are enabled to systematically select a cryptography library fitting best to their software project at hand in a guided, repeatable and reliable way.

0 citations0 reviewsNo code linkedOpen access
preprint2021arXiv

Zur Integration von Post-Quantum Verfahren in bestehende Softwareprodukte

Currently, PQC algorithms are being standardized to address the emerging threat to conventional asymmetric algorithms from quantum computing. These new algorithms must then be integrated into existing protocols, applications and infrastructures. Integration problems are to be expected, due to incompatibilities with existing standards and implementations on the one hand, but also due to a lack of knowledge among software developers about how to handle PQC algorithms. To illustrate incompatibilities, we integrate two different PQC algorithms into two different existing software products (the InboxPager email client for the Android OS and the TLS implementation of the Bouncy Castle crypto library). Here, we rely on the highly-abstract crypto library eUCRITE, which hides technical details about the correct usage of classical and PCQ algorithms and thus prevents some potential implementation errors.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Zur Benutzbarkeit und Verwendung von API-Dokumentationen

A good documentation is essential for a good usability of (security) APIs, i.e. especially for the correct use of the APIs. Requirements for good documentation of APIs have been described in several papers, but there is no technical implementation (hereinafter referred to as a documentation system) that implements these requirements. The requirements can be divided into requirements for the documentation system and requirements for the documentation content. Out of 13 identified requirements for a documentation system itself, 9 were implemented in a prototype and evaluated in a user study with 22 test persons using a cryptographic API. It turned out that the implementation of the requirement 'Enable quick use of the API' depends on the one hand on the quality of the content entered, but on the other hand also includes 5 other requirements or their implementation. The two other implemented requirements ('classic reference' and 'question and answer function') were hardly or not at all used by the test persons. Their usefulness and relevance should be investigated in a long-term study.

0 citations0 reviewsNo code linkedOpen access