Perbandingan Waktu Pemecahan Password Menggunakan Algoritma Hash MD5, SHA-256, dan SHA-512 pada Serangan Brute Force

Authors

  • Nur Bainatun Nisa Universitas Islam Negeri Sumatera Utara https://orcid.org/0009-0008-1384-4604
  • Noni Fauzia Rahmadani Universitas Islam Negeri Sumatera Utara
  • Aulia Kartika Dewi Universitas Islam Negeri Sumatera Utara
  • Luftia Rahma Nasution Universitas Islam Negeri Sumatera Utara
  • Dzilhulaifa Siregara Universitas Islam Negeri Sumatera Utara
  • Rifdah Syahputri Universitas Islam Negeri Sumatera Utara
  • Ibnu Rusydi Universitas Islam Negeri Sumatera Utara

DOI:

https://doi.org/10.62383/polygon.v4i1.926

Keywords:

Brute Force, Information Security, MD5, Password Hash, SHA-256

Abstract

Password security is a critical component in protecting information systems, as passwords are often the primary target of various attacks, particularly brute force attacks. A brute force attack works by systematically attempting all possible character combinations until the correct password corresponding to a stored hash value is found. Therefore, the choice of an appropriate hash algorithm plays a significant role in determining a system’s resistance to such attacks. This study aims to analyze and compare the password cracking time of MD5, SHA-256, and SHA-512 hash algorithms under brute force attack scenarios. The research methodology involves generating hash values from a set of test passwords using each hash algorithm, followed by conducting brute force attacks to recover the original passwords based on the generated hash values. The collected data are analyzed by measuring the time required to crack passwords for each algorithm. The results indicate that MD5 has the fastest cracking time compared to SHA-256 and SHA-512, indicating a lower level of resistance to brute force attacks. SHA-256 demonstrates better security than MD5 but remains less resistant when compared to SHA-512. The SHA-512 algorithm requires the longest cracking time, reflecting the highest level of resistance to brute force attacks among the tested algorithms. In conclusion, hash algorithms with larger bit lengths provide stronger protection against brute force attacks and are more suitable for secure password storage in information systems.

Downloads

Download data is not yet available.

References

Andilala, Hidayah, A. K., Mahfuzy, A. R. W., & Oki, M. (2023). Implementasi kombinasi enkripsi Base64 dengan hashing SHA-1 dan MD5 pada aplikasi perpustakaan Universitas Muhammadiyah Bengkulu. Jurnal Teknologi Sistem Informasi dan Sistem Komputer TGD, 6, 694–703. https://doi.org/10.53513/jsk.v6i2.8546

Arisandi, D., Hartati, S., & Vrabora, G. (2025). Otentikasi dua faktor menggunakan TOTP dengan SHA-512 untuk sistem pemilihan presiden mahasiswa. EXPLORER Journal of Computer Science and Information Technology, 5(1), 14–25. https://doi.org/10.47065/explorer.v5i1.17

Dafi, R., Azhar, A., & Widiati, I. S. (2025). Evaluasi keamanan penyimpanan password menggunakan algoritma hash: MD5, SHA-1, dan Bcrypt. Seminar Nasional Teknologi Informasi Dan Bisnis (SENATIB) 2025, 1302–1305. https://doi.org/10.47701/q885nj69

Fachri, F. (2023). Optimasi keamanan web server terhadap serangan brute-force menggunakan penetration testing. Jurnal Teknologi Informasi Dan Ilmu Komputer (JTIIK), 10(1), 51–58. https://doi.org/10.25126/jtiik.2023105872

Fajrin, A. M., & Baharuddin, F. (2025). Analisis performa algoritma BLAKE2b dan SHA-256 pada implementasi blockchain. KESATRIA: Jurnal Penerapan Sistem Informasi (Komputer & Manajemen), 6(2), 451–460. https://doi.org/https://tunasbangsa.ac.id/pkm/index.php/kesatria/article/view/588

Hutagalung, J., Ramadhan, P. S., Sihombing, S. J., & Korespondensi, P. (2023). Keamanan data menggunakan secure hashing algorithm (SHA)-256 dan Rivest Shamir Adleman (RSA) pada digital signature. Jurnal Teknologi Informasi Dan Ilmu Komputer (JTIIK), 10(6). https://doi.org/10.25126/jtiik.2023107319

Kurniawan, F., Kusyanti, A., & Nurwarsito, H. (2022). Analisis dan implementasi algoritma SHA-1 dan SHA-3 pada sistem autentikasi Garuda Training Cost. Jurnal Pengembangan Teknologi Informasi Dan Ilmu Komputer, 1(9), 803–812.

Marcius, B., Wijaya, E., & Sutanto, F. A. (2024). Implementasi sistem autentikasi JSON Web Token pada aplikasi Fieldrent menggunakan algoritme SHA-512. Progresif: Jurnal Ilmiah Komputer, 19(2), 901–911. https://doi.org/10.35889/progresif.v19i2.1367

Mardhatillah, S., Sriwinar, & Armiady, D. (2025). Optimasi algoritma SHA-256 dan metode salt untuk pengamanan akun calon santri baru pesantren Almuslim. Jurnal Ilmu Komputer Aceh, 2, 1–7. https://doi.org/https://jurnal.fikompublisher.com/ilka/article/view/22

Nurjaman, A. R., & Turnip, A. T. (2024). Kombinasi algoritma kriptografi AES-256 dan SHA3-512 untuk meningkatkan keamanan dokumen PDF. JITTER - Jurnal Ilmiah Teknologi Dan Komputer, 11(1), 46–54. https://doi.org/10.33197/jitter.vol11.iss1.2024.2346

Santoso, M. H. (2021). Perbandingan algoritma kriptografi hash MD5 dan SHA-1. SEMANTIKA Prosiding Seminar Nasional Teknologi Informatika, 2, 54–59.

Setiadi, I., Widianti, S., & Kayuan, I. P. P. (2025). Implementasi kriptografi pengamanan data soal ujian di lingkungan. Jurnal Penelitian Rumpun Ilmu Teknik. https://doi.org/10.55606/juprit.v3i4.4569

Simangunsong, V., Hutasoit, Y. R., & Siallagan, D. (2025). Analisis terhadap keamanan password menggunakan hash SHA-256. Jurnal Quancom, 3(1). https://doi.org/10.62375/jqc.v3i1.431

Sitorus, N., Sharon, J., Sinaga, G., & Samosir, S. L. (2024). Analisis kinerja algoritma hash pada keamanan data: Perbandingan. Jurnal Quancom, 2(2). https://doi.org/10.62375/jqc.v2i2.432

Wijaya, R., Miharja, S., & Wilson. (2021). Implementasi algoritma AES-128 dan SHA-256 dalam perancangan aplikasi pengamanan file dokumen. Jurnal TIMES, 10(2), 80–87. https://doi.org/10.51351/jtm.10.2.2021666

Downloads

Published

2026-01-23

How to Cite

Nur Bainatun Nisa, Noni Fauzia Rahmadani, Aulia Kartika Dewi, Luftia Rahma Nasution, Dzilhulaifa Siregara, Rifdah Syahputri, & Ibnu Rusydi. (2026). Perbandingan Waktu Pemecahan Password Menggunakan Algoritma Hash MD5, SHA-256, dan SHA-512 pada Serangan Brute Force. Polygon : Jurnal Ilmu Komputer Dan Ilmu Pengetahuan Alam, 4(1), 65–73. https://doi.org/10.62383/polygon.v4i1.926

Similar Articles

<< < 1 2 3 

You may also start an advanced similarity search for this article.