CogniCrypt supports developers during the integration of cryptographic components into software and automatically checks whether they are integrated and configured correctly. After five years of work, CogniCrypt has matured to Version 1.0. For this release, we have extended and thoroughly tested CogniCrypt's main features: the code generator and the static code analysis. CogniCrypt now supports code generation for five widely found cryptographic use cases:
- Data Encryption
- Secure Communication
- Secure Password Storage
- Long-Term Archiving
- Multi-Party Computation
We have further expanded CogniCrypt's analysis support, which now covers five cryptographic APIs:
- BouncyCastle as a JCA provider
- Google Tink
On top of that, in response to requests from CogniCrypt's users, we have taken several measures over the past few months to improve both the tool's usability and its configurability. Most notably, we have implemented an extra view in Eclipse that presents the results of the latest run of the tool's code analysis in a structured and clean manner. CogniCrypt may now also, depending on its configuration, automatically detect which cryptographic library is used in the project under analysis. Finally, in terms of usability, false-positive findings may now be manually suppressed within the IDE, manually marked as secure, and reported to us, the maintainers of CogniCrypt, so that they are not reported again in the future. To improve CogniCrypt's configurability, we have implemented a preferences menu through which users may tweak a range of features to their liking. Users may stop the code analysis from running automatically when a project is built, enable the display of secure objects in the code, set the severity level for each of the error types the tool supports, or add support for more cryptographic APIs.
CogniCrypt emerged from the Collaborative Research Center CROSSING at the Technical University of Darmstadt in cooperation with University Paderborn and Fraunhofer IEM, with contributions from researchers from the University of Alberta and the Universidade de Brasilia. The crypto-assistant tool is used by prestigious companies, e.g. Amazon Web Services. The Eclipse open-source project is open to everyone, and contributions are welcome.
In CROSSING, more than 65 researchers from complementary areas such as cryptography, quantum physics, and system and software engineering collaborate to conduct application-based as well as basic research. The goal of CROSSING is to provide cryptography-based security solutions that enable trust in new and next-generation computing environments. CROSSING is funded by the German Research Foundation from 2014 until 2022.