2022 International Seminar on Application for Technology of Information and Communication (iSemantic)

Digital Certificate Authentication with Three-Level

Cryptography (SHA-256, DSA, 3DES)
2022 International Seminar on Application for Technology of Information and Communication (iSemantic) | 978-1-6654-8839-6/22/$31.00 ©2022 IEEE | DOI: 10.1109/iSemantic55962.2022.9920404

Bagas Dwi Yulianto L. Budi Handoko Eko Hari Rachmawanto

Faculty of Computer Science Faculty of Computer Science Faculty of Computer Science
Dian Nuswantoro University Dian Nuswantoro University Dian Nuswantoro University
Semarang, Indonesia Semarang, Indonesia Semarang, Indonesia
[email protected] [email protected] [email protected]

Pujiono M. Arief Soeleman

Faculty of Computer Science Faculty of Computer Science
Dian Nuswantoro University Dian Nuswantoro University
Semarang, Indonesia Semarang, Indonesia
[email protected] [email protected]

Abstract— The rapid development of technology, makes it
easier for everyone to exchange information and knowledge.
Exchange information via the internet is threatened with
security. Security issues, especially the issue of the
confidentiality of information content and its authenticity, are
vital things that must protect. Peculiarly for agencies that often
hold activities that provide certificates in digital form to
participants. Digital certificates are digital files conventionally
used as proof of participation or a sign of appreciation owned
by someone. We need a security technology for certificates as a
source of information known as cryptography. This study aims
to validate and authenticate digital certificates with digital
signatures using SHA-256, DSA, and 3DES. The use of the
SHA-256 hash function is in line with the DSA method and the
implementation of 3DES which uses 2 private keys so that the
security of digital certificate files can be increased. The pixel
changes that appear in the MSE calculation have the lowest
value of 7.4510 and the highest value of 165.0561 when the file
is manipulated, it answers the security of the proposed method
is maintained because the only valid file is the original file.
Keywords— Digital Signature, SHA-256, DSA, 3DES
I. INTRODUCTION
The rapid development of technology, accompanied by a
lot of support in surfing the internet, makes it easier for
everyone to exchange information and knowledge. The
exchange of information uses many media such as
smartphones, computers, and laptops. The information
shared by users of these devices varies, such as sending e-
mails, sending messages on social media, etc. Sending
information via the internet is threatened with security [1],
[2]. It can be stopped, deflected, or changed the contents in it
by parties who are not responsible. This action is illegal and
done to steal the information contained in it.
Cryptographic methods in securing information such as
digital certificates use authentication technology using digital
signatures [2], [5]. Digital signatures are used as proof of
confidentiality and validation of information ownership, in
this case, digital certificates. Digital signatures use
cryptographic algorithms such as one-way hash systems,
non-symmetric key cryptography, and symmetric key
cryptography [5], [6]. One of the universal and guaranteed
one-way hash function methods is SHA-256. This function
was designed by the National Institute of Standards and
Technology (NIST) in 2002 to replace the old hash model
that had confidentiality flaws. Non-symmetric key
cryptography that is popular and has become the standard for
digital signature authentication by NIST is the Digital
Signature Standard (DSS) with the algorithm used Digital
Signature Algorithm (DSA) [5]. The algorithm is made
specifically for handling digital certificates that have the
primary function of signing and verifying. The block-cipher
3DES algorithm is asymmetric key cryptography that
guarantees security by using three times the process of
encrypting and decrypting data [2], [7].
As a guarantee of security, the DSA algorithm is an
algorithm specifically designed for digital signatures. It is
required to use a hash function. The hash function used by
the DSA algorithm is SHA-128 which in this study improved
by using the SHA-256 hash function that has a higher
complexity. Meanwhile, DSA has a faster speed of 5 seconds
compared to 0.1 seconds for the RSA signature algorithm
[8], [9]. The addition of the 3DES block cipher algorithm as
an advanced level of security where the comparison of
memory requirements, speed, and bandwidth, is superior
because it has an average value state at the intermediate level
compared to other algorithms [1], [10].

Security issues, especially the issue of the confidentiality
of information content and its authenticity, are vital things
that must protect. Every agency that has anything to do with
digital files is very vulnerable to this problem. Peculiarly for
agencies that often hold activities that provide certificates in
digital form to participants. Digital certificates are digital
files conventionally used as proof of participation or a sign
of appreciation owned by someone. Digital certificates are
very vulnerable to being manipulated by irresponsible
parties. Proving the validity of fake digital documents and
certificates has been done for a long time, and some cannot.
So we need a security technology for certificates as a source
of information known as cryptography [3], [4].
From the explanation of the digital signature
authentication method and popular algorithms, this study
aims to validate and authenticate digital certificates with
digital signatures using SHA-256, DSA, and 3DES. So it can
guarantee data authorization, authentication, and non-
repudiation on digital certificates.
II. LITERATURE REVIEW
A. SHA-256
SHA-256 is a hash algorithm designed and developed by
the National Institute of Standards and Technology (NIST) in
2002. SHA-256 produces a message digest with a length of
256 bits. SHA-256 is classified as a security category

horized licensed use limited to: NUST School of Electrical Engineering and Computer Science (SEECS). Downloaded on September 28,2023 at 04:09:31 UTC from IEEE Xplore. Restrictions ap
978-1-6654-8839-6/22/$31.00 ©2022 IEEE 343
 2022 International Seminar on Application for Technology of Information and Communication (iSemantic)
because it is designed to make it impossible to obtain other
messages related to the same message digest. The message
digest generation process in this algorithm consists of five
steps:
1) Message Padding : Divide the message to produce
message blocks with a length of 512 bits. This results in the
number of the last block is less than or equal to 512 bits.
Perform message padding on the final block of messages
with the following steps:
a) The entered message has an ASCII value. Convert
the ASCII value into a series of binary number bits.
b) Divide the series of bits into 512-bit blocks. The
division results in the number of blocks of the last value
being equal to or less than 512 bits.
c) Add the contents of the bits in the last block of the
message using bits 1 and 0 according to the required number
following these rules:
• The last block bit < 448 bits. Add bit 1 at the
beginning and add the remainder with bit 0 until the
number becomes 448 bits.
• The last block bit ≥ 448 bits & < 512 bits. Add bit 1
at the beginning and add the remainder with bit 0
until the number becomes 512 bits.
• The last block bit = 512 bits. Create a new block with
the initial value of bit 1 and then bit 0 until the bit
length becomes 448 bits.
2) Addition of Bit Length : The number of bits in the
last block of the message, 448 bits long, must be added to
make it 512 bits. By representing the message m into a
binary number to get the remaining 64 bits. Set the order of
the rightmost bytes of the message (m) as low-order.
3) Initialize Initial Hash Value : Initial and temporary
output value in the SHA-256 hash function use the buffer
values H0, H1, H2, H3, H4, H5, H6, and H7. But for
temporary storage process using buffers a, b, c, d, e, f, g,
and h. Use the initial buffer value as an initial value in the
form of hexadecimal notation. Its standard default value is
in table 1.
TABLE I. HEXADECIMAL NOTATION BUFFER VALUE
Buffer Hexadecimal
H0 6A09E667
H1 BB67AE85
H2 3C6EF372
H3 A54FF53A
H4 510E527F
H5 9B05688C
H6 1F83D9AB
H7 5BE0CD19
4) Value Processing : Value processing is the core
part of the hash function. This processing is carried out in 1
round and has 64 operations in processing every 512 bits or
one message block. Each message block is m(1),m(2), ...,
m(n) [6]. where n is the number of message blocks. For
each message block, perform the following steps:
• Initialize the initial value of the temporary storage
buffer variable a=H0(i-1), b=H1(i-1), c=H2(i-1),
d=H3(i-1), e=H4(i- 1), f=H5(i-1), g=H6(i-1), h=H7(i-
1) on m(1).
horized licensed use limited to: NUST School of Electrical Engineering and Computer Science (SEECS). Downloaded on September 28,2023 at 04:09:31 UTC from IEEE Xplore. Restrictions ap
344
• Calculate each value on each schedule.
• For each message block, calculate the intermediate
hash value.
5) Finalization : All 512-bit m(n) blocks have
proceeded. The final result is a 256-bit message digest [11].
B. DSA
DSA is an asymmetric key cryptography algorithm that
uses two keys, namely private and public keys. DSA was
developed from the El-Gamal algorithm. DSA does not
function as message encryption but has 2 (two) main
functions, namely as a message (signing) and authentication
as a message validity (verify) [8], [9]. The signing process
uses a key whereas the verification process uses the public
key. Before carrying out a process, the keys from the DSA
are generated first [9]. The following are the stages and
parameters used in the DSA:
1) DSA Parameters
• Parameter p is a prime number with length L bits. The
length of L must be a multiple of 64 bits and fullfill
512 bits ≤ L ≤ 1024 bits. The parameter p is public.
• Parameter q, prime factor of (p–1) thus fulfill (p–1)
mod q = 0. Parameter q has a length of 160 bits.
Parameter q is public.
• g = h(p–1)/q mod p, with parameter value h<(p–1)
such that h(p–1)/q mod p > 1. Parameter g is public.
• Parameter x is an integer that fulfills x < q, and this
parameter is a private key.
• Parameter k is an integer that fulfills k < q , and this
parameter is a private key.
• Parameter y, calculated by the equation y = gx mod p,
y is the public key parameter.
• The parameter m is the message to be signed, and
H(m) is the part member of each message m.
2) DSA Key Generation Process, The following are
the steps of the DSA key generation:
• Selects the values of the parameters p and q that are
both prime numbers with q a factor of p. According to
the equation (1).
(1)
• Calculate the value of g with the equation (2) with the
h parameter and must satisfy the equation (3).
(2)
(3)
• Determine the value of the private key x that is an
integer less than q.
• Calculating the public key y with the equation (4).
(4)
• The above process generates public key values (p, q,
g, y) and private key values (p, q, g, x)
 2022 International Seminar on Application for Technology of Information and Communication (iSemantic)

3) DSA Signing Process, The steps in the DSA
signing process are as follows:
• Search message digest for message m with the hash
function.
• Determine the value of the private k parameter that is
an integer less q.
• The result of the signature is the r parameter whose
value is fixed, and the s parameter as the value of
each message m.
• Calculate the value of r with the equation (5).
(5)
• Then calculate the value of s from each message
value m using the equation (6).
(6)
for the encryption and decryption process while 3DES uses 2
(two) keys in the encryption and decryption process [1], [5].
3DES performs the encryption process using 2 (two)
different keys and the way to do it is alternately encryption
 decryption  encryption for one encryption process, as
seen in the equation (11). The 3DES decryption still uses 2
(two) different keys and one decryption process as well as
three decryption  encryption  decryption processes, as
seen in the equation (12) [1], [7]. Where C is Ciphertext and
P is Plaintext. For the process of the 3DES algorithm
globally, see figure 1.
(11)
(12)

• Save/send the results of r and s into the system.

4) DSA Verification Process, The steps in the process
of verifying the DSA algorithm are as follows:
• Enter the hash value of the message to be verified.
• Retrieve the signature containing the values of r and s
from the system.
• Then calculate the parameter w which is the inverse
of each value of s with a mod q comparison,
according to the equation (7).
(7)

• Next, calculate the parameter u1 which is the value

for each message H(m) with the result w using the Fig. 1. 3DES Process Scheme
equation (8).
III. PROPOSED METHOD
(8) The proposed method is to perform an authentication
process on a digital certificate with a digital signature that
• Next, calculate the parameter u2 which is the value has been affixed to the digital certificate. This process has 2
for the verifier r with the result w using the equation (two) main steps, signing and verifying. The two steps will
(9). use the methods that have been described: SHA-256, DSA,
and 3DES.
(9)

• Finally, calculate v which is the final verification

parameter that compares the values of u1 & u2 with
the value of r. Calculations using the equation (10).
(10)

• After calculating using the equation, the result of the

message H(m) will get a value of v, if the value is the
same as r then it is proven that the message is “valid”,
if the value is different from r then it is proven that
the message is “invalid” [8], [9]. Fig. 2. Signing Process on Digital Certificate

C. 3DES Figure 2 is the process of signing a digital certificate,

3DES is a direct development of the DES algorithm. The with the following steps :
steps used in encryption and decryption still use DES but
• Prepare a digital certificate file that will be used in the
these steps are carried out three times and the keys used are
signing process.
also more than the DES algorithm. Where DES uses one key

horized licensed use limited to: NUST School of Electrical Engineering and Computer Science (SEECS). Downloaded on September 28,2023 at 04:09:31 UTC from IEEE Xplore. Restrictions ap
345
 2022 International Seminar on Application for Technology of Information and Communication (iSemantic)
• Implemented the SHA-256 hash function against the
digital certificate file so that the message digest
results are 256 bits with a length of 64 characters,
then the hexadecimal number conversion is carried
out for each character to produce 64 pairs of
hexadecimal numbers.
• Furthermore, the encryption of the converted message
digest results with DSA signing public key
cryptography. The parameters used in the DSA
signing algorithm are as follows: p = 9539; q = 251; h
= 1577; x = 233; k = 137.
• Then, to increase the security of the DSA method,
encryption is carried out with the 3DES cryptography
algorithm. 3DES encryption uses 2 (two) keys: Key A
= OURCRYPT and Key B = OURCRIPT. Performed
on the result of s converted to a binary number.
• The final result of the encryption is converted into
hexadecimal form and then stored in the database
system along with the name & year attribute of the
digital certificate.
Fig. 3. Verification Process on Digital Certificate
Figure 3 is the process of verification a digital certificate,
with the following steps :
• Prepare in advance the digital certificate file that will
be authenticated in the verification process. The file
will be divided into 2 (two) processes simultaneously
which will be marked with (a) and (b).
• (a) The digital certificate file that will be checked is
compared and searched based on the name & year
attribute, with a digital signature that is in the
database system. Prepare a digital certificate file that
will be used in the signing process.
• Every signature found is then processed by the 3DES
cryptography algorithm decryption. Decryption uses
the same two secret keys as the signing process, the
steps in the operation are the same as the signing
process where the difference is that it is described
with Key A then encrypted with Key B then decrypt
again with Key A.
• The certificate file to be checked will be encrypted
with the SHA-256 hash function..
• The results of (a) DSA signing files & (b) message
digests will be compared using the DSA verify
horized licensed use limited to: NUST School of Electrical Engineering and Computer Science (SEECS). Downloaded on September 28,2023 at 04:09:31 UTC from IEEE Xplore. Restrictions ap
346
method. The comparison is done with the same
parameters at signing DSA: p = 9539; q = 251; h =
1577; x = 233; k = 137.
• The final result of the verification process will
produce the final verification value (v) with the
verifier value (s). If the value was same it will show
the certificate file is valid, whereas if the value is
difference it will show the certificate file is invalid.
IV. RESULT AND TESTING
Data is obtained from the digital certificate file that has
been prepared. The certificate file is 3508 pixels x 2481
pixels in size, see sample on figure 4. The file will be given
several attacks, namely changing the file new name [4],
sharpening and Gaussian smoothing. The attacks above are
used for testing, the attack will change the pixels of the
original certificate so that it can detect the authenticity of the
original certificate. Pictures of each attack can be seen in
figure 5.
(a) (b)
Fig. 4. Digital Certificate File Sample for Authentication (a)
Certificate_1.jpg, (b) Certificate_2.jpg
(a) (b)
(c) (d)
Fig. 5. Certificate with/without attack (a) No Attack, (b) Changing File
Name, (c) Sharpening, (d) Gaussian Smoothing
The MSE (Mean Square Error) calculation is used to see
the imperceptibility and quality of the manipulated digital
certificate file [12]. The MSE calculation can be seen in the
equation (13). The resulting MSE value must be 0 (zero) so
that it can be ensured that the certificate has not changed and
the authentication results can be valid. If the MSE value is
greater than zero, the certificate has been changed and the
authentication result can be invalid.
(13)
Where At is the original value, Ft is the compared value,
and n is the number of pixel data.
 2022 International Seminar on Application for Technology of Information and Communication (iSemantic)
TABLE II.
Hash Value
File
(SHA-256)
9FDE9712CAA82BD124F1BB2F3
034AE671BF4152F7B82F6E82929
EA705904A9AA
C464AC88CF4B80818CA3BD1D5
38A9E4C63C3D16B94623115D3F
A77402DB01BAD
D4A5F8D99EFFD3EA2CBFEEBE
E7B20D844AAC703555B2487B32
09A7A22E8B063C
49F5C6264F46FDA7E5961038E55
FACA3C1CE6DDB0482E1710FF
B2FEAAFA68114
901E44999D3D51CCB2898EA187
1EEA9572B7B65E4D58384A797C
01EAF41EA033
TABLE III.
File Digital Signature
09 E4 7A 76 8D 44 56 0B B4 80 13
B4 F1 4F CD BF 54 BA 65 6B 7A
60 D1 2F C9 26 48 C4 FF 15 B7 16
F5 E2 55 A8 20 BD AC D0 B5 CE
9E 02 1B D0 D9 CA 04 19 62 93
AD 6E 4E 40 49 EA 74 DC 6C CA
60 62
18 6D 88 3D 50 3A B5 A9 4A 81
C2 B8 17 61 9F C8 12 B4 40 AC
A1 28 AD 7F A2 AB 16 BC EC 3F
E3 7C 50 20 FF 86 BB 23 AD 28
E4 AB 81 4D 0E 79 AA E5 DE 72
D4 EF F6 6C 1B 2A 29 A7 D8 3D
1B 8D B0 C8
9D F8 EC 28 11 92 B2 D2 57 51
D5 05 36 65 43 85 9E 72 A6 1F E4
83 93 0A 1D 7C 73 1D 25 72 F0 6E
B0 3C 31 C8 C2 A4 C9 AA 54 E3
A5 93 C9 EF 48 A1 7D D1 37 E3
AA DB 91 D8 21 56 30 C1 D1 E2
63 87
horized licensed use limited to: NUST School of Electrical Engineering and Computer Science (SEECS). Downloaded on September 28,2023 at 04:09:31 UTC from IEEE Xplore. Restrictions ap
347
SIGNING RESULTS
DSA Signing
B8 B1 9B A6 B8 A2 60 6B 90 7A
7A AD 6B 85 9B 60 6B 81 B1 60
85 85 6B B1 76 55 76 81 7A A6 97
A2 60 85 B1 81 60 8C 6B B1 A2
85 AD 6B B1 97 A6 AD 6B B8 6B
B8 A6 7A A2 55 8C B8 55 81 7A
B8 7A 7A
90 81 97 81 7A 90 AD AD 90 B1
81 85 AD 55 AD 60 AD 90 7A 76
85 9B 60 9B 8C 76 AD 7A B8 A6
81 90 97 76 90 76 9B 60 97 85 B8
81 97 6B 76 60 60 8C 9B 76 B1 7A
A2 A2 81 55 6B 9B 85 55 60 85 7A
9B
9B 81 7A 8C B1 AD 9B B8 B8 A6
B1 B1 9B 76 A6 7A 6B 90 85 B1
A6 A6 85 A6 A6 A2 85 6B 55 9B
AD 81 81 7A 7A 90 A2 55 76 8C
8C 8C 85 6B 81 AD A2 85 76 6B
55 B8 7A A2 7A 6B 6B A6 AD 85
55 97 76 90
81 B8 B1 8C 90 97 6B 97 81 B1 81
97 B1 9B 7A A2 A6 8C B8 97 60
55 76 AD A6 8C 8C B1 7A 90 7A
76 90 60 90 A6 97 9B 9B 85 55 81
AD 6B A6 60 A2 60 55 B1 B1 85
6B B1 A6 7A 7A B1 7A 97 AD 60
60 81
B8 55 60 A6 81 81 B8 B8 B8 9B
76 9B 8C 60 90 90 85 6B AD B8
AD A6 7A 60 AD A2 60 A6 A6 7A
B8 8C A2 6B 85 A2 85 97 8C A6
81 9B 8C AD 76 AD 81 7A A2 B8
A2 90 55 60 A6 7A B1 81 60 A6
7A 55 76 76
VERIFY RESULTS
3DES Decryption
B8 B1 9B A6 B8 A2 60 6B 90 7A
7A AD 6B 85 9B 60 6B 81 B1 60
85 85 6B B1 76 55 76 81 7A A6 97
A2 60 85 B1 81 60 8C 6B B1 A2
85 AD 6B B1 97 A6 AD 6B B8 6B
B8 A6 7A A2 55 8C B8 55 81 7A
B8 7A 7A
90 81 97 81 7A 90 AD AD 90 B1
81 85 AD 55 AD 60 AD 90 7A 76
85 9B 60 9B 8C 76 AD 7A B8 A6
81 90 97 76 90 76 9B 60 97 85 B8
81 97 6B 76 60 60 8C 9B 76 B1 7A
A2 A2 81 55 6B 9B 85 55 60 85 7A
9B
9B 81 7A 8C B1 AD 9B B8 B8 A6
B1 B1 9B 76 A6 7A 6B 90 85 B1
A6 A6 85 A6 A6 A2 85 6B 55 9B
AD 81 81 7A 7A 90 A2 55 76 8C
8C 8C 85 6B 81 AD A2 85 76 6B
55 B8 7A A2 7A 6B 6B A6 AD 85
55 97 76 90
3DES Encryption
(Digital Signature)
09 E4 7A 76 8D 44 56 0B B4 80 13
B4 F1 4F CD BF 54 BA 65 6B 7A
60 D1 2F C9 26 48 C4 FF 15 B7 16
F5 E2 55 A8 20 BD AC D0 B5 CE
9E 02 1B D0 D9 CA 04 19 62 93
AD 6E 4E 40 49 EA 74 DC 6C CA
60 62
18 6D 88 3D 50 3A B5 A9 4A 81
C2 B8 17 61 9F C8 12 B4 40 AC
A1 28 AD 7F A2 AB 16 BC EC 3F
E3 7C 50 20 FF 86 BB 23 AD 28
E4 AB 81 4D 0E 79 AA E5 DE 72
D4 EF F6 6C 1B 2A 29 A7 D8 3D
1B 8D B0 C8
9D F8 EC 28 11 92 B2 D2 57 51
D5 05 36 65 43 85 9E 72 A6 1F E4
83 93 0A 1D 7C 73 1D 25 72 F0 6E
B0 3C 31 C8 C2 A4 C9 AA 54 E3
A5 93 C9 EF 48 A1 7D D1 37 E3
AA DB 91 D8 21 56 30 C1 D1 E2
63 87
8E D8 5D D7 F7 9A 4D 0B 5B CC
91 36 70 CD C1 47 D1 3C 1A 83
E8 81 11 BF A6 65 90 B5 26 E8 B0
12 C0 07 1C 9F 65 D6 A9 59 67 98
CE 15 EB 71 C6 8F 3B C9 6F 49
4D DE 6C 91 AB 3D 8F 62 DB CE
7D 1B
88 C0 DA 27 88 57 94 E0 B4 DD
E0 D5 5D D1 C4 13 EB F3 40 26
58 EA 41 92 EC 09 7A 1D 5C D7
EF D9 F8 BF A6 1D A6 5B 76 65
04 4B 04 E2 3B FC C2 D2 9E BF
02 39 34 68 5C 15 2C BC C1 4A
E7 3C CD 52
DSA Verify
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27
 2022 International Seminar on Application for Technology of Information and Communication (iSemantic)

8E D8 5D D7 F7 9A 4D 0B 5B CC
91 36 70 CD C1 47 D1 3C 1A 83
E8 81 11 BF A6 65 90 B5 26 E8 B0
12 C0 07 1C 9F 65 D6 A9 59 67 98
CE 15 EB 71 C6 8F 3B C9 6F 49
4D DE 6C 91 AB 3D 8F 62 DB CE
7D 1B
81 B8 B1 8C 90 97 6B 97 81 B1 81
27 27 27 27 27 27 27 27 27 27 27
97 B1 9B 7A A2 A6 8C B8 97 60
27 27 27 27 27 27 27 27 27 27 27
55 76 AD A6 8C 8C B1 7A 90 7A
27 27 27 27 27 27 27 27 27 27 27
76 90 60 90 A6 97 9B 9B 85 55 81
27 27 27 27 27 27 27 27 27 27 27
AD 6B A6 60 A2 60 55 B1 B1 85
27 27 27 27 27 27 27 27 27 27 27
6B B1 A6 7A 7A B1 7A 97 AD 60
27 27 27 27 27 27 27 27 27
60 81

88 C0 DA 27 88 57 94 E0 B4 DD
E0 D5 5D D1 C4 13 EB F3 40 26
58 EA 41 92 EC 09 7A 1D 5C D7
EF D9 F8 BF A6 1D A6 5B 76 65
04 4B 04 E2 3B FC C2 D2 9E BF
02 39 34 68 5C 15 2C BC C1 4A
E7 3C CD 52
B8 55 60 A6 81 81 B8 B8 B8 9B
27 27 27 27 27 27 27 27 27 27 27
76 9B 8C 60 90 90 85 6B AD B8
27 27 27 27 27 27 27 27 27 27 27
AD A6 7A 60 AD A2 60 A6 A6 7A
27 27 27 27 27 27 27 27 27 27 27
B8 8C A2 6B 85 A2 85 97 8C A6
27 27 27 27 27 27 27 27 27 27 27
81 9B 8C AD 76 AD 81 7A A2 B8
27 27 27 27 27 27 27 27 27 27 27
A2 90 55 60 A6 7A B1 81 60 A6
27 27 27 27 27 27 27 27 27
7A 55 76 76

TABLE IV. EXPERIMENTAL RESULTS

Digital Verification Value Verifier Value
File Attack MSE Auth
Signature (DSA Verify) (S)
27 27 27 27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27 27 27 27 27 27 27
09 E4 7A 76 8D None 0 27 27 27 27 27 27 27 27 27 27 27 27 27 27 Valid
27 27 27 27 27 27 27 27 27 27 27 27 27 27
44 56 0B B4 80 27 27 27 27 27 27 27 27
27 27 27 27 27 27
13 B4 F1 4F CD
D6 BF 9A D3 27 36 29 D2 42 90 D8 1F A7 27 27 27 27 27 27
BF 54 BA 65 6B
Change 10 D1 6F C3 9F 1D 9F 8D 10 7C 60 B1 7A 27 27 27 27 27 27
7A 60 D1 2F C9 7.6636 E6 67 CC 27 27 45 EF 29 16 5F 9F 1D EF 54 Invalid
File Name 27 27 27 27 27 27
26 48 C4 FF 15 AA BF 9D 27 16 54 52 27 A7 E9 27 CE 7A
27 E3 9F 11 0C 09 58 90 4C E2 90 27 27 27 27 27 27
B7 16 F5 E2 55
27 27 27 27 27 27
A8 20 BD AC 9D 27 8A 9F 9D 39 29 27 27 A4 A4 CA D2 27 27 27 27 27 27
D0 B5 CE 9E 02 6A 9F 8A C3 4E 16 9F ED 29 48 16 5A 42
Sharpen 21.0529 0E 5F C0 9F 4F 45 29 43 9A 58 9A E4 7C 27 27 27 27 27 27 Invalid
1B D0 D9 CA 1D 55 9A DE 22 37 0B FA DE A0 E9 A1 1F 27 27 27 27 27 27
04 19 62 93 AD D9 31 E3 B5 1D CE D9 27 4E 27 90 58 27 27 27 27 27 27
6E 4E 40 49 EA
A1 27 D1 09 CE 78 CA 7C C3 4E 31 F5 22 27 27 27 27
74 DC 6C CA
Gaussian 43 29 B3 AD 31 A1 EF 9A 0B C3 37 43 27
60 62 161.7648 8D 5F 58 27 27 45 CC 0E 16 27 76 E4 A0 Invalid
Smoothing 1D 10 BF B5 7C 37 42 D9 B5 22 27 A7 83
40 27 87 DB 27 A1 90 E8 90 E9 27 E8
27 27 27 27 27 27 27 27 27 27 27 27 27 27
18 6D 88 3D 50 27 27 27 27 27 27 27 27 27 27 27 27 27 27
3A B5 A9 4A 81 None 0 27 27 27 27 27 27 27 27 27 27 27 27 27 27 Valid
27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27
C2 B8 17 61 9F 27 27 27 27 27 27 27 27 27 27 27 27 27 27
C8 12 B4 40 AC D2 8C 42 A4 27 A1 39 34 C3 81 E8 0B 87
90 1F 8A F5 7C CC 5A 0E 97 A1 76 5E C1 27 27 27 27 27 27
A1 28 AD 7F Change
7.7110 CA 67 D6 90 27 A7 8C 6A 22 27 97 29 CC 27 27 27 27 27 27 Invalid
A2 AB 16 BC File Name 29 24 D8 AD 9F BF A1 76 54 9A 0E 54 31 27 27 27 27 27 27
EC 3F E3 7C 50 55 63 D8 6F 27 97 0F D9 B3 29 4E 8A
DE 31 CC 72 D8 16 34 B5 2F 7C 67 8D CA 27 27 27 27 27 27
20 FF 86 BB 23
55 48 B3 34 22 E2 43 0B E6 8A 27 E2 9B 39 27 27 27 27 27 27
AD 28 E4 AB Sharpen 21.4224 31 E0 90 8F D2 CC 10 22 8D D1 27 CC ED Invalid
27 27 27 27 27 27
81 4D 0E 79 AA 3A E8 63 27 BF B3 9F 58 9F 5A 58 9F 10
E3 E8 9B A7 9A 8D BF 76 0B 4E 6F 27 27 27 27 27 27
E5 DE 72 D4 EF
42 28 AD E8 C0 22 1F 3D A1 16 27 9F EF 27 27 27 27 27 27
F6 6C 1B 2A 29
Gaussian DB 27 76 39 A1 90 0B BF 6F 9A E1 E2 C1 27 27 27 27
A7 D8 3D 1B 165.0561 0E 27 A1 D3 9F 2F 54 ED 27 E6 E1 9A 96 Invalid
8D B0 C8 Smoothing 29 D8 58 4F 22 5A 29 29 5E 27 27 16 58 27
D9 58 BF D1 9A 0B BF B3 65 E2 8A
27 27 27 27 27 27 27 27 27 27 27 27 27 27
9D F8 EC 28 11 27 27 27 27 27 27 27 27 27 27 27 27 27 27
92 B2 D2 57 51 None 0 27 27 27 27 27 27 27 27 27 27 27 27 27 27 Valid
27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27
D5 05 36 65 43 27 27 27 27 27 27 27 27 27 27 27 27 27 27
85 9E 72 A6 1F 9A 27 E2 16 71 34 EF E9 9D 40 7C 58 9A
27 90 90 D1 2F 29 0C 7A 40 BF EF D9 45 27 27 27 27 27 27
E4 83 93 0A 1D Change
7.4510 29 27 27 6F 87 72 28 CC C0 D2 78 95 C1 58 27 27 27 27 27 27 Invalid
7C 73 1D 25 72 File Name 19 C5 65 EF 33 EC 78 6A 8D C3 B5 3A D8 27 27 27 27 27 27
F0 6E B0 3C 31 BF C7 D1 D2 52 1F 43 9B 96 9A 7C
76 9F 58 C5 A1 39 9F A1 3A 42 10 54 59 27 27 27 27 27 27 27
C8 C2 A4 C9
7A CC 7C DE 0B 54 DB DB 0B 40 40 BF 27 27 27 27 27 27
AA 54 E3 A5 93 Sharpen 20.1862 27 16 9F 29 EF A4 72 58 C7 A7 74 27 9B 5E Invalid
27 27 27 27 27 27
C9 EF 48 A1 7D 25 C5 43 D1 28 DE D9 6A 9F 27 D3 4C 67
78 D8 A0 AD D9 EF 43 85 8C E6 16 27 27 27 27 27 27
D1 37 E3 AA
29 28 9F B2 27 EC 59 A1 9D 90 0C 0C EF 27 27 27 27 27 27
DB 91 D8 21 56
Gaussian 5A 40 E8 27 A7 43 0C 52 7A 0B EF 90 45 27 27 27 27
30 C1 D1 E2 63 155.6131 6A A1 42 59 EC 8F 8F 58 90 9F 78 DB 8D Invalid
87 Smoothing C5 25 19 9F 27 31 B5 10 ED E6 16 9F 3A
9F 87 C0 EF 48 40 48 0B 27 AD 9A A1
27 27 27 27 27 27 27 27 27 27 27 27 27 27
8E D8 5D D7 F7 27 27 27 27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27
9A 4D 0B 5B None 0 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 Valid
CC 91 36 70 CD 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27
27 27 27 27 27 27 27 27
C1 47 D1 3C 1A D8 83 9A C5 A7 63 82 4F A4 37 4E 27 58
27 27 27 27 27 27
83 E8 81 11 BF 9F E2 55 EF 27 27 8C 29 90 9A 87 40 25 B2 27 27 27 27 27 27
Change
A6 65 90 B5 26 7.9384 60 D8 2F D8 9B A1 A1 42 90 42 EF EF 10 27 27 27 27 27 27 Invalid
File Name 85 22 39 C3 DB A1 E3 9F 27 0C 16 BF 48
E8 B0 12 C0 07 60 52 58 67 1D 27 E3 B5 9A 29 22
27 27 27 27 27 27
1C 9F 65 D6 A9 33 83 0C 19 9F E0 22 E0 33 58 E8 E0 A1 9A 27 27 27 27 27 27
59 67 98 CE 15 90 45 EF C5 3A 8C 6F 6F BF 37 FA 93 11 27 27 27 27 27 27
EB 71 C6 8F 3B Sharpen 21.1848 BF A4 27 D8 E6 7C E6 A1 EF 54 59 EF 29 27 27 27 27 27 27 Invalid
90 72 34 C3 09 29 09 29 9F 27 10 6A 48 54
C9 6F 49 4D DE FA 58 90 7C A4 54 9D 9A C0 8C 27 27 27 27

horized licensed use limited to: NUST School of Electrical Engineering and Computer Science (SEECS). Downloaded on September 28,2023 at 04:09:31 UTC from IEEE Xplore. Restrictions ap
348
 2022 International Seminar on Application for Technology of Information and Communication (iSemantic)

6C 91 AB 3D 8F 72 66 BF E2 A1 29 7C 96 9F 54 22 54 54 9F
Gaussian 27 DB 9F B2 A1 54 6F 7A E6 27 FA 19 19
62 DB CE 7D 159.8784 16 D8 DE 90 B1 22 27 7C 09 0B 29 76 6A Invalid
1B Smoothing 9F 22 3D 7C 52 CA E3 9A 7A 37 58 ED 7C
7C 7A 8C 58 0C 58 0B 87 B3 9A 27
27 27 27 27 27 27 27 27 27 27 27 27 27 27
88 C0 DA 27 88 27 27 27 27 27 27 27 27 27 27 27 27 27 27
57 94 E0 B4 DD None 0 27 27 27 27 27 27 27 27 27 27 27 27 27 27 Valid
27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27 27
E0 D5 5D D1 27 27 27 27 27 27 27 27 27 27 27 27 27 27
C4 13 EB F3 40 E9 D3 6F 90 4E 5F 9D CE D8 D1 43 76 27
B3 6F DE ED D1 34 D8 37 40 58 6F DE D9 27 27 27 27 27 27
26 58 EA 41 92 Change
7.7192 B3 40 90 C0 E9 C5 63 C3 29 10 6A CC C5 27 27 27 27 27 27 Invalid
EC 09 7A 1D File Name 52 D8 76 27 34 9F EF 22 8C 10 4C 45 DE 27 27 27 27 27 27
5C D7 EF D9 F8 BF 8A 42 31 1D 28 29 90 4E 42 C1 B1
24 7A CC 90 D8 22 CE D6 3A 97 9B 29 1F 27 27 27 27 27 27
BF A6 1D A6
CC 16 16 6A AD CA 24 1F 7A E2 E6 37 10 27 27 27 27 27 27
5B 76 65 04 4B Sharpen 20.7216 9F 40 52 C0 D8 5E 09 EF 29 78 9A E3 19 Invalid
27 27 27 27 27 27
04 E2 3B FC C2 7A 72 9F 5E 34 ED 3D 67 9F 09 0C 87 9F
9F 29 52 67 BF 58 9A D9 27 90 0B B1 27 27 27 27 27 27
D2 9E BF 02 39
D8 D3 CC 85 72 9F 83 27 3A E6 BF EF B2 27 27 27 27 27 27
34 68 5C 15 2C
Gaussian 29 22 7C 29 16 CA 27 37 D9 C7 9A 37 39 27 27 27 27
BC C1 4A E7 158.0685 58 EF 9F A4 E9 19 36 7C 0F 39 29 29 16 Invalid
3C CD 52 Smoothing DB 27 E1 16 37 10 37 28 E8 36 E0 78 6F D3
9F 40 58 10 72 9F 85 31 7A C1 10

Based on the proposed method, this study focuses on 3
(three) sequential methods SHA-256  Signing DSA 
3DES encryption in the Signing Process on figure 2, then in
table 2 describes the results of each process, where the final
result of Signing Process is 3DES encryption or the digital
signature used. table 3 describes the Verify Process which is
the result of SHA-256 and 3DES decryption compared to
Verify DSA as shown in figure 3.
Fig. 6. Average Speed Test
In figure 6, the average speed information is obtained
from each speed test experiment carried out on each
certificate file. The average speed in the signing process is
0.01907 while the average speed in the verification process is
0.03814, so the comparison of the speed of the signing
process and verify process is 1: 2.
V. CONCLUSION
Based on the experimental results in table 4. it can be
concluded that the application of the 3-level cryptography
algorithms SHA-256, DSA, and 3DES was successful in
protecting digital certificate file authentication. The use of
the SHA-256 hash function is in line with the DSA method
and the implementation of 3DES which uses 2 private keys
so that the security of digital certificate files can be
increased. The pixel changes that appear in the MSE
calculation have the lowest value of 7.4510 and the highest
value of 165.0561 when the file is manipulated, it answers
the security of the proposed method is maintained because
the only valid file is the original file. The average speed test
of the proposed method in the signing process is 0.01907
seconds while in the verify process it is 0.03814 seconds so it
gets a 1:2 comparison.
REFERENCES
[1] C. A. Sari, E. H. Rachmawanto, and C. A. Haryanto, ‘Cryptography
Triple Data Encryption Standard (3DES) for Digital Image
Security’, Scientific Journal of Informatics, vol. 5, no. 2, Art. no. 2,
Nov. 2018, doi: 10.15294/sji.v5i2.14844.
[2] S. Aiswarya and R. Gomathi, ‘Review On Cryptography and
Steganography Techniques in Video’, in 2018 IEEE International
Conference on Computational Intelligence and Computing
Research (ICCIC), Dec. 2018, pp. 1–4. doi:
10.1109/ICCIC.2018.8782409.
[3] D. R. I. M. Setiadi, E. H. Rachmawanto, C. A. Sari, A. Susanto,
and M. Doheir, ‘A Comparative Study of Image Cryptographic
Method’, in 2018 5th International Conference on Information
Technology, Computer, and Electrical Engineering (ICITACEE),
Sep. 2018, pp. 336–341. doi: 10.1109/ICITACEE.2018.8576907.
[4] R. Damara Ardy, O. R. Indriani, C. A. Sari, D. R. I. M. Setiadi, and
E. H. Rachmawanto, ‘Digital image signature using triple
protection cryptosystem (RSA, Vigenere, and MD5)’, in 2017
International Conference on Smart Cities, Automation & Intelligent
Computing Systems (ICON-SONICS), Nov. 2017, pp. 87–92. doi:
10.1109/ICON-SONICS.2017.8267827.
[5] A. M. Qadir and N. Varol, ‘A Review Paper on Cryptography’, in
2019 7th International Symposium on Digital Forensics and
Security (ISDFS), Jun. 2019, pp. 1–6. doi:
10.1109/ISDFS.2019.8757514.
[6] S. Kumar and V. Singh, ‘A Review of Digital signature and hash
function based approach for secure routing in VANET’, in 2021
International Conference on Artificial Intelligence and Smart
Systems (ICAIS), Mar. 2021, pp. 1301–1305. doi:
10.1109/ICAIS50930.2021.9395882.
[7] M. M. Hoobi and M. M. Hoobi, ‘Improved Structure of Data
Encryption Standard Algorithm’, Journal of Southwest Jiaotong
University, vol. 55, no. 5, Art. no. 5, 2020, Accessed: Jun. 14, 2022.
[Online]. Available:
http://www.jsju.org/index.php/journal/article/view/723
[8] M. A. Nazal, R. Pulungan, and M. Riasetiawan, ‘Data Integrity and
Security using Keccak and Digital Signature Algorithm (DSA)’,
IJCCS (Indonesian Journal of Computing and Cybernetics
Systems), vol. 13, no. 3, Art. no. 3, Jul. 2019, doi:
10.22146/ijccs.47267.
[9] A. Safaa, F. Abdullatif, and T. Hasan, ‘Generating and Validating
DSA Private Keys from Online Face Images for Digital
Signatures’, International Journal on Advanced Science,
Engineering and Information Technology, vol. 9, p. 2019, Jun.
2019, doi: 10.18517/ijaseit.9.3.8950.
[10] P. Patil, P. Narayankar, N. D.g, and M. S.m, ‘A Comprehensive
Evaluation of Cryptographic Algorithms: DES, 3DES, AES, RSA
and Blowfish’, Procedia Computer Science, vol. C, no. 78, pp.
617–624, 2016, doi: 10.1016/j.procs.2016.02.108.
[11] W. Fang, W. Chen, W. Zhang, J. Pei, W. Gao, and G. Wang,
‘Digital signature scheme for information non-repudiation in
blockchain: a state of the art review’, EURASIP Journal on

horized licensed use limited to: NUST School of Electrical Engineering and Computer Science (SEECS). Downloaded on September 28,2023 at 04:09:31 UTC from IEEE Xplore. Restrictions ap
349
 2022 International Seminar on Application for Technology of Information and Communication (iSemantic)

Wireless Communications and Networking, vol. 2020, no. 1, p. 56,

Mar. 2020, doi: 10.1186/s13638-020-01665-w.
[12] L. Pishdad and F. Labeau, ‘Analytic Minimum Mean-Square Error
Bounds in Linear Dynamic Systems With Gaussian Mixture Noise
Statistics’, IEEE Access, vol. 8, pp. 67990–67999, 2020, doi:
10.1109/ACCESS.2020.2986420.

horized licensed use limited to: NUST School of Electrical Engineering and Computer Science (SEECS). Downloaded on September 28,2023 at 04:09:31 UTC from IEEE Xplore. Restrictions ap
350