Implementation of QR Code Attendance Security System Using RSA and Hash Algorithms

Abstract

The quick response (QR) code-based attendance application contributes to reducing paper usage and attendance input errors. However, in its implementation process, the QR-code-based attendance at a Bandung school demonstrates weaknesses. Absent students can fake their attendance for themselves or friends. This type of attack is known as fake QR code generation. This research proposes a security authentication system using the Rivest–Shamir–Adleman (RSA) encryption algorithm and the secure hash algorithm 1 (SHA-1) to secure QR code-based attendance applications from fake QR code generation attacks. The RSA algorithm encrypts QR code data to maintain privacy, while the SHA-1 algorithm ensures data integrity. Based on this method, the mutual authentication process between the QR code data generated by the student and the attendance reading application by the teacher can be established. The results obtained from a series of tests showed that the security system in the student attendance recording application that had been implemented at Madrasah Aliyah (MA) Al-Mukhlishin could detect and prevent fake QR code generation attacks. The test was conducted by changing the impact of the key length on RSA-1024 bits and RSA-2048 bits. The results showed that in RSA-1024 bits, energy consumption of 0.14 J and time of 1.66 s is more efficient than that in RSA-2048 bits, with energy consumption of 0.19 J and time of 2.09 s. Interestingly, if a higher level of security is required, the key length should be increased at the expense of some energy and time efficiency.