Pengembangan Sistem Manajemen Naskah Soal dengan Keamanan Pre-Hash Coding

Authors

DOI:

https://doi.org/10.33633/tc.v20i4.5271

Keywords:

dokumen elektronik, sistem keamanan, pre-hash coding, hashcat

Abstract

Sistem pengelolahan dokumen secara elektronik sudah menjadi salah satu kebutuhan penting dalam institusi pendidikan khususnya dalam pengelolaan naskah soal. Masalah utama dalam pengelolaan naskah elektronik adalah adanya berbagai format yang digunakan serta kekhawatiran terhadap tingkat keamanan akun. Sistem keamanan akun dengan menggunakan password yang sederhana akan mudah diretas sedangkan penggunaan sistem yang kompleks akan mempersulit pengguna. Departemen Informatika Universitas Diponegoro mengembangkan sistem manajemen naskah soal yang mampu menghasilkan format naskah soal sesuai dengan standar tunggal serta memiliki sistem keamanan yang sederhana namun kuat melalui sistem pre-hash coding dengan nilai unik pengguna melalui dua skema. Pengujian pertama yang dilakukan berhasil membuktikan kemampuan sistem dalam menghasilkan naskah soal sesuai dengan standar tunggal. Percobaan kedua dilakukan untuk menguji tingkat keamanan terhadap nilai hash dari sampel password melalui uji brute-force menggunakan sistem Hashcat. Sistem yang diusulkan mampu menggagalkan peretasan sebesar 40% pada karakter alfanumerik pada skema pertama dengan operator bitwise xor sedangkan pada skema kedua dengan operator penjumlahan mampu menggagalkan seluruh peretasan yang dilakukan. Sistem yang diusulkan mampu memenuhi kebutuhan pengguna terhadap password yang sederhana namun kuat.

References

A. Artamonov, K. Ionkina, E. Tretyakov, and A. Timofeev, “Electronic document processing operating map development for the implementation of the data management system in a scientific organization,” Procedia Comput. Sci., vol. 145, pp. 248–253, 2018, doi: 10.1016/j.procs.2018.11.053.

A. Ayaz and M. Yanarta?, “An analysis on the unified theory of acceptance and use of technology theory (UTAUT): Acceptance of electronic document management system (EDMS),” Comput. Hum. Behav. Reports, vol. 2, no. March, p. 100032, 2020, doi: 10.1016/j.chbr.2020.100032.

L. Rusdiana, “Extreme programming untuk rancang bangun aplikasi pengelolaan surat keterangan kependudukan,” Regist. J. Ilm. Teknol. Sist. Inf., vol. 4, no. 1, pp. 49–55, 2018, doi: 10.26594/register.v4i1.1191.

Y. Permana, H. D. Wijaya, P. Studi, T. Informatika, and U. M. Buana, “Implementasi E-Legalisir Untuk Legalisir Ijazah dan Transkrip Online pada Fakultas Ilmu Komputer Universitas Mercu Buana,” Techno.COM, vol. 19, no. 2, pp. 103–114, 2020.

K. Fitri, Z. Zulhendra, and D. Kurniadi, “Perancangan Sistem Informasi Legalisir Dokumen Berbasis Web Di Fakultas Teknik Universitas Negeri Padang,” Voteteknika (Vocational Tek. Elektron. dan Inform., vol. 2, no. 2, 2018, doi: 10.24036/voteteknika.v2i2.4075.

N. A. K. Febriyani and R. B. Hadiprakoso, “Rancang Bangun Aplikasi Naskah Dinas Elektronik Berbasis Web Menggunakan WDLC,” Ultim. InfoSys J. Ilmu Sist. Inf., vol. 12, no. 1, pp. 43–51, 2021, doi: 10.31937/si.v12i1.1747.

R. R. Asaad, “Penetration Testing: Wireless Network Attacks Method on Kali Linux OS,” Acad. J. Nawroz Univ., vol. 10, no. 1, p. 7, 2021, doi: 10.25007/ajnu.v10n1a998.

B. Hitaj, P. Gasti, G. Ateniese, and F. Perez-Cruz, PassGAN: A deep learning approach for password guessing, vol. 11464 LNCS. Springer International Publishing, 2019.

C. Ntantogian, S. Malliaros, and C. Xenakis, “Evaluation of password hashing schemes in open source web platforms,” Comput. Secur., vol. 84, pp. 206–224, 2019, doi: 10.1016/j.cose.2019.03.011.

G. Kim, S. Kim, M. Park, Y. Park, I. Lee, and J. Kim, “Forensic analysis of instant messaging apps: Decrypting Wickr and private text messaging data,” Forensic Sci. Int. Digit. Investig., vol. 37, p. 301138, 2021, doi: 10.1016/j.fsidi.2021.301138.

M. Park, G. Kim, Y. Park, I. Lee, and J. Kim, “Decrypting password-based encrypted backup data for Huawei smartphones,” Digit. Investig., vol. 28, pp. 119–125, 2019, doi: 10.1016/j.diin.2019.01.008.

S. F. Dyson, W. J. Buchanan, and L. Bell, “Scenario-based creation and digital investigation of ethereum ERC20 tokens,” Forensic Sci. Int. Digit. Investig., vol. 32, p. 200894, 2020, doi: 10.1016/j.fsidi.2019.200894.

R. Hranický, L. Zobal, O. Ryšavý, and D. Kolá?, “Distributed password cracking with BOINC and hashcat,” Digit. Investig., vol. 30, pp. 161–172, 2019, doi: 10.1016/j.diin.2019.08.001.

A. Kanta, I. Coisel, and M. Scanlon, “A survey exploring open source Intelligence for smarter password cracking,” Forensic Sci. Int. Digit. Investig., vol. 35, p. 301075, 2020, doi: 10.1016/j.fsidi.2020.301075.

Q. Guo et al., “PUFPass: A password management mechanism based on software/hardware codesign,” Integration, vol. 64, no. July 2018, pp. 173–183, 2019, doi: 10.1016/j.vlsi.2018.10.003.

Y. Guo, Z. Zhang, and Y. Guo, “Optiwords: A new password policy for creating memorable and strong passwords,” Comput. Secur., vol. 85, pp. 423–435, 2019, doi: 10.1016/j.cose.2019.05.015.

C. Tsagkani and A. Tsalgatidou, “Process model abstraction for rapid comprehension of complex business processes,” Inf. Syst., vol. 103, p. 101818, 2022, doi: 10.1016/j.is.2021.101818.

E. Hariyanti, A. Djunaidy, and D. Siahaan, “Information security vulnerability prediction based on business process model using machine learning approach,” Comput. Secur., vol. 110, p. 102422, 2021, doi: 10.1016/j.cose.2021.102422.

Downloads

Published

2021-11-22

Issue

Vol. 20 No. 4 (2021): November 2021

Section

Articles

License

Copyright (c) 2021 Prajanto Wahyu Adi, Retno Kusumaningrum

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

 

License Terms

All articles published in Techno.COM Journal are licensed under the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0). This means:

1. Attribution

Readers and users are free to:

  • Share – Copy and redistribute the material in any medium or format.

  • Adapt – Remix, transform, and build upon the material.

As long as proper credit is given to the original work by citing the author(s) and the journal.

2. Non-Commercial Use

  • The material cannot be used for commercial purposes.

  • Commercial use includes selling the content, using it in commercial advertising, or integrating it into products/services for profit.

3. Rights of Authors

  • Authors retain copyright and grant Techno.COM Journal the right to publish the article.

  • Authors can distribute their work (e.g., in institutional repositories or personal websites) with proper acknowledgment of the journal.

4. No Additional Restrictions

  • The journal cannot apply legal terms or technological measures that restrict others from using the material in ways allowed by the license.

5. Disclaimer

  • The journal is not responsible for how the published content is used by third parties.

  • The opinions expressed in the articles are solely those of the authors.

For more details, visit the Creative Commons License Page:
? https://creativecommons.org/licenses/by-nc/4.0/

 

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.