基于通用漏洞评分系统(CVSS)的SHA512和MD5算法漏洞测试

Buana Information Technology and Computer Sciences (BIT and CS) Pub Date : 2022-01-19 DOI:10.36805/bit-cs.v3i1.2046

Fahmi Basya, M. Hardjanto, Ikbal Permana Putra

{"title":"基于通用漏洞评分系统(CVSS)的SHA512和MD5算法漏洞测试","authors":"Fahmi Basya, M. Hardjanto, Ikbal Permana Putra","doi":"10.36805/bit-cs.v3i1.2046","DOIUrl":null,"url":null,"abstract":"This paper discusses the comparison of the results of testing the OTP (One Time Password) algorithm on two encryptions, namely SHA512 and MD5 which are applied to the Reconciliation Application of the Dinas Pemberdayaan Masyarakat dan Desa Kabupaten Sukabumi. This study uses the Vulnerability Assessment and Penetration Testing (VAPT) method, which combines two forms of vulnerability testing to achieve a much more complete vulnerability analysis by performing different tasks in the same focus area. The vulnerability assessment uses the Common Vulnerability Scoring System (CVSS) method. The results showed that the Vulnerability Assessment and Penetration Testing (VAPT) method was proven to be able to identify the level of security vulnerability in the Reconciliation Application at the Dinas Pemberdayaan Masyarakat dan Desa Kabupaten Sukabumi with a vulnerability level score of 5.3 in the SHA512 environment with a medium rating and 7.5 in the MD5 environment. with high ratings. So, it can be concluded that the best algorithm for implementing OTP is SHA512","PeriodicalId":389042,"journal":{"name":"Buana Information Technology and Computer Sciences (BIT and CS)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-01-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"SHA512 and MD5 Algorithm Vulnerability Testing Using Common Vulnerability Scoring System (CVSS)\",\"authors\":\"Fahmi Basya, M. Hardjanto, Ikbal Permana Putra\",\"doi\":\"10.36805/bit-cs.v3i1.2046\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper discusses the comparison of the results of testing the OTP (One Time Password) algorithm on two encryptions, namely SHA512 and MD5 which are applied to the Reconciliation Application of the Dinas Pemberdayaan Masyarakat dan Desa Kabupaten Sukabumi. This study uses the Vulnerability Assessment and Penetration Testing (VAPT) method, which combines two forms of vulnerability testing to achieve a much more complete vulnerability analysis by performing different tasks in the same focus area. The vulnerability assessment uses the Common Vulnerability Scoring System (CVSS) method. The results showed that the Vulnerability Assessment and Penetration Testing (VAPT) method was proven to be able to identify the level of security vulnerability in the Reconciliation Application at the Dinas Pemberdayaan Masyarakat dan Desa Kabupaten Sukabumi with a vulnerability level score of 5.3 in the SHA512 environment with a medium rating and 7.5 in the MD5 environment. with high ratings. So, it can be concluded that the best algorithm for implementing OTP is SHA512\",\"PeriodicalId\":389042,\"journal\":{\"name\":\"Buana Information Technology and Computer Sciences (BIT and CS)\",\"volume\":\"2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-01-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Buana Information Technology and Computer Sciences (BIT and CS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.36805/bit-cs.v3i1.2046\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Buana Information Technology and Computer Sciences (BIT and CS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.36805/bit-cs.v3i1.2046","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

本文讨论了OTP (One Time Password)算法在用于Dinas Pemberdayaan Masyarakat dan Desa Kabupaten Sukabumi对账应用的SHA512和MD5两种加密上的测试结果的比较。本研究使用了漏洞评估和渗透测试(VAPT)方法，该方法结合了两种形式的漏洞测试，通过在同一重点领域执行不同的任务来实现更完整的漏洞分析。漏洞评估采用通用漏洞评分系统(Common vulnerability Scoring System, CVSS)方法。结果表明，脆弱性评估和渗透测试(VAPT)方法被证明能够识别出Dinas Pemberdayaan Masyarakat dan Desa Kabupaten Sukabumi的和解应用程序的安全漏洞级别，在SHA512环境下的漏洞级别得分为5.3，评级中等，在MD5环境下的漏洞级别得分为7.5。收视率很高。因此，可以得出实现OTP的最佳算法是SHA512

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

SHA512 and MD5 Algorithm Vulnerability Testing Using Common Vulnerability Scoring System (CVSS)

This paper discusses the comparison of the results of testing the OTP (One Time Password) algorithm on two encryptions, namely SHA512 and MD5 which are applied to the Reconciliation Application of the Dinas Pemberdayaan Masyarakat dan Desa Kabupaten Sukabumi. This study uses the Vulnerability Assessment and Penetration Testing (VAPT) method, which combines two forms of vulnerability testing to achieve a much more complete vulnerability analysis by performing different tasks in the same focus area. The vulnerability assessment uses the Common Vulnerability Scoring System (CVSS) method. The results showed that the Vulnerability Assessment and Penetration Testing (VAPT) method was proven to be able to identify the level of security vulnerability in the Reconciliation Application at the Dinas Pemberdayaan Masyarakat dan Desa Kabupaten Sukabumi with a vulnerability level score of 5.3 in the SHA512 environment with a medium rating and 7.5 in the MD5 environment. with high ratings. So, it can be concluded that the best algorithm for implementing OTP is SHA512

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Buana Information Technology and Computer Sciences (BIT and CS)

自引率

0.00%

发文量