U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Human-Centered Cybersecurity


Although cryptography is an essential component of modern computing, implementing cryptography correctly is a non-trivial undertaking, often resulting in developers making errors and introducing vulnerabilities into their cryptographic products.

Our cryptographic research is concerned with creating a baseline understanding of the practices and challenges of organizations that are developing products that use cryptography. This new understanding can help improve the assurance of cryptographic tools and the usability of cryptographic resources, such as standards and libraries.




Organizational Views of NIST Cryptographic Standards and Testing and Validation Programs paper icon  – Julie Haney, Mary Theofanos, Yasemin Acar, & Sandra S. Prettyman. NISTIR 8241 (2018)

"We make it a big deal in the company": Security Mindsets in Organizations that Develop Cryptographic Products paper icon  – Julie M. Haney,  Mary F. Theofanos, Yasemin Acar & Sandra S. Prettyman. Proceedings of the Symposium on Usable Privacy and Security (SOUPS) (2018). 

Organizational Practices in Cryptographic Development and Testing paper icon  – Julie M. Haney, Simson L. Garfinkel, & Mary F. Theofanos. Proceedings of the IEEE Conference on Communications and Network Security (CNS) (2017).


Crypto Reading Club 2021-12-15: "We make it a big deal in the company": Security Mindsets in Organizations that Develop Cryptographic Products  presentation icon video icon- Julie Haney (2021) 


Usability and Key Management presentation icon – Mary Theofanos (Jun 8, 2009)



Created November 17, 2016, Updated December 04, 2023