Implementation of GNU Privacy Guard (GPG) Hybrid Encryption to Improve Information Security at the University of Mataram’s Electronic Signature (E-Sign)

Abstract

Electronic signatures have been widely used for administrative purposes since 2020, especially when activities from home are a priority. University of Mataram is one of the state universities that provides electronic signature facilities (E-Sign) for its academic community. The ease of using E-Sign has its own obstacles, one of which is in terms of security protection. Protection in the information security system has a role to take preventive action if the worst scenario occurs to the information system, such as unauthorized access by hackers. Naturally, each signature has been given information related to several things, namely who signed, when it was signed, information for signature purposes, and hash values that can be used to ensure the integrity of the data from the signature. When unauthorized access occurs, hackers can create an identity using the identity of a particular person. This makes E-Sign validation difficult and potentially misused. In this study, a scheme for securing user identity is proposed using GNU Privacy Guard (GPG) to encrypt E-Sign data. The encryption process is carried out with two layers of public-private key cryptography combined with the PGP Key Server.