We are currently looking for a new research assistant / doctoral student.
Is this for you?
The following code uses the symmetric encryption scheme AES, for instance to store some application data encrypted on disk. The code contains at least four different severe API-usage mistakes that may cause the code to crash or to be insecure:
String secretKey = "x$&78_;:$%$ä0$%=$%4352"; byte keyBytes = secretKey.getBytes(); SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES"); Cipher cipher = Cipher.getInstance("AES");
Can you spot these mistakes? The more you can find, and the more you enjoy finding them, the more likely the position might be the right one for you. Read the rest of this entry »