Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore findings from an interview study with 21 experienced software developers about their practices, experiences, and challenges when updating cryptographic code. Learn about the critical importance of keeping cryptographic implementations current, including algorithm updates (SHA-1 to SHA-512), key size increases (2048 to 4096 bits), protocol transitions (TLS 1.2 to 1.3), and preparations for post-quantum cryptography. Discover why developers perceive cryptographic updates as challenging and tedious, examining their lack of structured processes and the significant obstacles they face, including insufficient cryptographic knowledge, legacy system constraints that hinder transitions, and inadequate guidance resources. Understand both security-driven and non-security motivations behind cryptographic updates, while gaining insights into developers' desires for expert assistance and accessible educational materials. Review comprehensive recommendations for multiple stakeholders including developers, academic institutions, standards organizations, and those preparing for the upcoming post-quantum cryptography transition, based on 30 years of collective industry experience from study participants.
