Analysis of Secure Hash Algorithm (SHA) 512 for Encryption Process on Web Based Application
Imam Riadi, Ahmad Dahlan University
All content following this page was uploaded by Imam Riadi on 03 September 2018.
SHA 256 and 384 are not used much, even for security, because of a protracted process that lengthens the hashing time [4]. SHA 512 is a development of SHA 1, which is an MD4-based improvement. According to Megah Mulya [5], 2009, the reliability of SHA 512 is achieved by its ability to generate 512-bit hash values, which is the longest hash value that a hash function can generate. This long hash value makes SHA 512 more resistant to attack than any other hash function, so SHA 512 is considered a powerful, robust and fast hash function.

certain value (hence it is called one direction). A hash function is good if it is difficult to find two strings that produce the same hash value [8]. The way the hash function works is shown in Figure 2.

Figure 2. Working Mechanism of One Way Hash Function
374
International Journal of Cyber-Security and Digital Forensics (IJCSDF) 7(4): 373-381
The Society of Digital Information and Wireless Communications (SDIWC), 2018 ISSN: 2305-001
The SHA 512 hash function performs the same hash operation as the SHA 2 family in general [10]. SHA 512 is a function that generates a 512-bit message digest and processes its input in blocks of 1024 bits. The SHA 512 cryptographic algorithm accepts as input a message of any length or size and generates a message digest with a fixed length of 512 bits, as shown in Figure 3.

3. Initialize Hash Value
In the SHA 512 algorithm, the initial hash value H(0) consists of 8 words of 64 bits each, given in hexadecimal notation in Table 3.

Table 3. Hexadecimal Notation of SHA 512 Buffer Initial Values
A  6a09e667f3bcc908
B  bb67ae8584caa73b
C  3c6ef372fe94f82b
D  a54ff53a5f1d36f1
E  510e527fade682d1
F  9b05688c2b3e6c1f
G  1f83d9abfb41bd6b
H  5be0cd19137e2179
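As an added example that is not part of the paper, the following Python script derives the eight H(0) words of Table 3 from the FIPS 180-4 definition (the first 64 fractional bits of the square roots of the first eight primes), applies the SHA 512 padding that brings any input to a multiple of 1024 bits, and confirms that the digest is always 512 bits. It assumes Python 3.8 or newer for math.isqrt.

```python
import hashlib
import math

# FIPS 180-4 defines the SHA-512 initial hash value H(0) as the first 64 bits of
# the fractional parts of the square roots of the first eight primes.
FIRST_EIGHT_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19]

# Table 3 of the paper, words A..H, for comparison.
TABLE_3_WORDS = [
    "6a09e667f3bcc908", "bb67ae8584caa73b", "3c6ef372fe94f82b", "a54ff53a5f1d36f1",
    "510e527fade682d1", "9b05688c2b3e6c1f", "1f83d9abfb41bd6b", "5be0cd19137e2179",
]


def sha512_initial_hash_values():
    """Return the eight 64-bit words of H(0) as 16-digit lowercase hex strings."""
    words = []
    for p in FIRST_EIGHT_PRIMES:
        # isqrt(p << 128) == floor(sqrt(p) * 2**64), computed exactly in integers;
        # its low 64 bits are the first 64 fractional bits of sqrt(p).
        frac64 = math.isqrt(p << 128) & ((1 << 64) - 1)
        words.append(f"{frac64:016x}")
    return words


def sha512_pad(message: bytes) -> bytes:
    """Pad as SHA-512 does: append 0x80, zero bytes, then the message length in
    bits as a 128-bit big-endian integer, so the total is a multiple of 1024 bits."""
    bit_length = len(message) * 8
    padded = message + b"\x80"
    padded += b"\x00" * ((112 - len(padded)) % 128)  # leave 16 bytes for the length
    return padded + bit_length.to_bytes(16, "big")


def sha512_hex(message: bytes) -> str:
    """512-bit digest (128 hex digits) regardless of input length, via hashlib."""
    return hashlib.sha512(message).hexdigest()


if __name__ == "__main__":
    print("H(0) matches Table 3:", sha512_initial_hash_values() == TABLE_3_WORDS)
    # 111 bytes still fit in one block (111 + 1 + 16 = 128); 112 bytes need two.
    for msg in (b"", b"abc", b"x" * 111, b"x" * 112):
        blocks = len(sha512_pad(msg)) // 128
        print(f"{len(msg):4d}-byte message -> {blocks} block(s) of 1024 bits, "
              f"{len(sha512_hex(msg)) * 4}-bit digest")
```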
3 METHODOLOGY
testing while User Acceptance Test is done by

hash does not match
4.3 Mitigation and Testing

4.3.1 System Attack Scheme
The analysis process should be able to link information from different variables, including the completion of information against other information, to explain an event or attack activity [14]. Network forensics is defined as the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents. In other words, network forensics involves capturing, recording and analyzing network traffic [15]. Sniffing on a computer network involves the use of a support tool that enables real-time monitoring. Sniffing in this study was done to check traffic on the network and retrieve a copy or capture of the packet data. The sniffing activity scheme is described in Figure 6.

The sniffing experiment in this study was conducted with the Wireshark tool. Wireshark is one of the network packet analyzer tools. Wireshark tries to capture network packets and display the packet data as completely as possible. After the data has been obtained, the Wireshark capture results are analyzed to determine what type of hash function is used by the system. The analysis to determine the type of hash function is done with the Hash Identifier tool. An example of the sniffing activity and of analyzing the type of hash function is shown in Figure 7 and Figure 8.

Figure 7. Sniffing Results Using Wireshark Application

Figure 7 is the result of the data traffic capture done using the Wireshark tool. The captured data shows that the username field contains admin and the password field contains ciphertext with hash value 154e2803428bb34b2a1c48ffadd177b6. After obtaining this information, additional data is needed, namely the hash function likely to be used by the system, which is determined with Hash Identifier.

Figure 8. Hash Identifier results

Figure 8 shows that the login process on the application system has applied the MD5 hash method.

Figure 9. Flowchart Login Process Using SHA 512 Method (steps: 1. Start; 2. Input username & password; 3. Change the password to SHA 512 hash form; 4. Check the database; 5. Home system; 6. Finish)
Based on the flowchart presented in Figure 9, process no. 3, which was previously encrypted using MD5, is changed to use the SHA 512 method. So in that process, the data transmission in the form of the password input will be changed to

calling the hash function on the system. There is also a diagram, which can be seen in Figure 11.

Figure 11 diagram elements: Index.php (gtfw-php-app); Config/gtfw_base_dir.def (configuration that calls into gtfw base); Index.php (gtfw-php-base)
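The login flow of Figure 9 and the hash-type identification step of Figure 8, as an added example in Python that is not the gtfw-php application's own code: the user table, the sample password and the `login`, `hash_password_sha512` and `identify_hash_by_length` names are constructed for this illustration. It adds the check a practitioner would want at step 4, a constant-time comparison of the submitted and stored digests.

```python
import hashlib
import hmac

# Constructed user table: what the database holds after the Figure 9 patch,
# i.e. SHA-512 hex digests instead of the MD5 digests used before patching.
USERS = {
    "admin": hashlib.sha512(b"example-password").hexdigest(),  # constructed sample
}


def hash_password_sha512(password: str) -> str:
    """Step 3 of the flowchart: turn the submitted password into SHA-512 hex form."""
    return hashlib.sha512(password.encode("utf-8")).hexdigest()


def login(username: str, password: str) -> bool:
    """Step 4: compare the submitted digest with the stored one.

    hmac.compare_digest keeps the comparison constant-time, so a partial match
    cannot be distinguished from a full mismatch by timing."""
    stored = USERS.get(username)
    submitted = hash_password_sha512(password)
    if stored is None:
        # Hash and compare anyway so unknown and known usernames take similar time.
        hmac.compare_digest(submitted, "0" * 128)
        return False
    return hmac.compare_digest(submitted, stored)


def identify_hash_by_length(value: str) -> str:
    """The Figure 8 step: classify a captured credential value by character set and
    length, which is all a length-based identifier such as Hash Identifier uses."""
    if not value or any(c not in "0123456789abcdefABCDEF" for c in value):
        return "not a hex digest"
    return {32: "MD5 (128-bit)", 40: "SHA-1 (160-bit)", 64: "SHA-256 (256-bit)",
            128: "SHA-512 (512-bit)"}.get(len(value), "unknown length")


if __name__ == "__main__":
    # The value captured in Figure 7 (from the paper) and a post-patch value.
    print(identify_hash_by_length("154e2803428bb34b2a1c48ffadd177b6"))  # before patch
    print(identify_hash_by_length(hash_password_sha512("example-password")))
    print("login admin:", login("admin", "example-password"))
```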
Figure 12. Results Process Call Hash Function Before Patching Performed

Figure 14. Percentage Test Result User Acceptance Test (chart labels: Less Agree; Neutral; Agree 78%; Strongly Agree)
Figure 14 shows the percentages of the respondents' answers to the statements in the Security Test questionnaire: SS answers of 8.00%, S of 78.00%, N of 14.00%, TS of 0.00%, and STS of 0.00%. The results obtained from the above tests are summarized in Table 4 as a comparison of data security before and after patching.

Table 4. Comparison Table Before and After Patching Performed

No. 1. Parameter: Security standard for login feature.
    Before patching: Not fulfilling, because it still uses the old hash method that has been proven to have a dangerous vulnerability.
    After patching: Already fulfilled. The encryption update uses hash functions that have a more reliable and robust security level.

No. 2. Parameter: The level of password security on the mechanism of the web-based application login feature.
    Before patching: Less good, because the algorithm method used has been proven to have dangerous vulnerabilities.
    After patching: Good, because the algorithm method used proved more secure and reliable.

No. 3. Parameter: The total value of the hash function generated.
    Before patching: The resulting hash value is small, so it only takes a while when a brute force test is performed.
    After patching: The resulting hash value is much larger, so it takes a long time when a brute force test is performed.

5 CONCLUSION

Based on the results of the research and discussion, it can be concluded that the login process in web-based applications requires updating the encryption method used to the SHA 512 algorithm. This update aims to make the security of password data on the login feature more reliable and powerful, so that it will be very difficult for an attacker to attack the system. Implementation of the SHA 512 algorithm produces the longest hash output, 512 bits, so as to ensure system security and data confidentiality.

Penetration testing against brute force attacks using the Hashcat tool indicates that the SHA 512 algorithm is better in terms of endurance and strength under brute force testing because it takes a longer time to find the plaintext of the algorithm's hash value, thus indicating that the hash function is more reliable and robust. In addition, the User Acceptance Test gives a combined percentage of agree and strongly agree of 86.00%, so the patch implemented to secure passwords on the login feature can run as required.

REFERENCES

[1] E. Kurniawan and I. Riadi, "Security level analysis of academic information systems based on standard ISO 27002:2003 using SSE-CMM," vol. 16, no. 1, pp. 139–147, 2018.
[2] I. Riadi, E. I. Aristianto, and A. Dahlan, "An Analysis of Vulnerability Web Against Attack Unrestricted Image File Upload," Comput. Eng. Appl., vol. 5, no. 1, pp. 19–28, 2016.
[3] P. Irfan, Y. Prayudi, and I. Riadi, "Image Encryption using Combination of Chaotic System and Rivers Shamir Adleman (RSA)," Int. J. Comput. Appl., vol. 123, no. 6, pp. 11–16, 2015.
[4] M. H. W, "Development of Hash Function Encryption on SHA (Secure Hash Algorithm)," J. Ilmu Komput. dan Teknol. Inf., vol. 3, no. 2, pp. 1–7, 2009.
[5] M. Megah, "Use of SHA-512 Algorithm to Ensure Integrity and Authenticity of Message on Intranet," no. 1, pp. 107–111, 2009.
[6] N. Hermaduanti and I. Riadi, "Automation framework for rogue access point mitigation in IEEE 802.1X-based WLAN," J. Theor. Appl. Inf. Technol., vol. 93, no. 2, pp. 287–296, 2016.
[7] A. Kristanto, Data Security On Computer Networks. Yogyakarta: Penerbit Gava Media, 2003.
[8] SSL Information, "Difference Between Hashing and Encryption," 2018. [Online]. Available: https://www.ssl2buy.com/wiki/difference-between-hashing-and-encryption.
[9] C. Angga, "Analysis of How Diverse Works Hash Functions Exist," pp. 1–6, 2011.
[10] W. Setiawan, "Analysis and Comparison of Whirlpool and SHA-512 Algorithms as a Hash Function," Makal. IF3058 Kriptografi – Sem. II Tahun 2010/2011, 2011.
[11] Y. P. Rosmiati and I. Riadi, "A Maturity Level Framework for Measurement of Information Security Performance," Int. J. Comput. Appl., vol. 141, no. 8, pp. 975–8887, 2016.
[12] S. Dewantono, "Weakness of Message Digest