Session 1: Introduction to CogniCrypt
CogniCrypt is a cryptographic API misuse detection tool built on the popular static analysis framework, Soot. In this tutorial we present an introduction to some key concepts of cryptographic APIs, as well as how they relate to application security overall. We will also present a high level overview of the inner-workings of CogniCrypt, and provide interesting relevant examples of CogniCrypt’s operation on real world applications. We will take this time to assure that everyone is setup, before diving into the first example task in order to get everyone warmed up on performing crypto related tasks. This will be an interactive session, so make sure to bring a laptop! It is recommended to preview the session setup instructions prior to attending.