Article Per Year (5 Year)
p-Index From 2021 - 2026
0.751
P-Index
This Author published in this journals
All Journal CAUCHY: Jurnal Matematika Murni dan Aplikasi Jurnal Teknologi Informasi dan Ilmu Komputer JOIV : International Journal on Informatics Visualization Buletin Pos dan Telekomunikasi
Windarta, Susila
Unknown Affiliation
Computer Science & IT Decision Sciences, Operations Research & Management Economics, Econometrics & Finance Engineering Industrial & Manufacturing Engineering Mathematics Social Sciences

Published : 4 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 4 Documents
Search

 1 
Practical Evaluation and Complexity Analysis of Forgery Attacks on the PAES-8 Authenticated Encryption Scheme Windarta, Susila; Purbasari, Imas
Buletin Pos dan Telekomunikasi Vol. 22 No. 2 (2024): December 2024
Publisher : Centre for Research and Development on Resources, Equipment, and Operations of Posts and I

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.17933/bpostel.v22i2.403

Abstract

The Parallelizable Authenticated Encryption Scheme (PAES)-8, designed by Ye et al. in 2014, claims to provide 128-bit authentication security in the nonce-misuse model. However, Sasaki and Wang's theoretical forgery attack on PAES-8 exposed vulnerabilities, suggesting a universal forgery with a complexity of approximately . This study presents a practical implementation of Sasaki and Wang’s theoretical forgery attack on the PAES-8 encryption scheme, uncovering significant modifications required for its execution. This including the use of DDT-based plaintext injection, staged state recovery, multiple injection attempts, and algorithmic adjustments. Our findings demonstrate that these modifications increase the attack complexity to approximately 211+212+27 = 212, indicating greater resistance in PAES-8 than previously anticipated. Future cryptanalysis should focus on exploring nonce-respecting models to evaluate the scheme’s security.
An Extended Cryptanalysis of Peyrin on SIMON-JAMBU64/96: A Study on Reduced-Tuple Attacks Windarta, Susila; Handayani, Wuri; Susanti, Bety Hayat
CAUCHY: Jurnal Matematika Murni dan Aplikasi Vol 10, No 2 (2025): CAUCHY: JURNAL MATEMATIKA MURNI DAN APLIKASI
Publisher : Mathematics Department, Universitas Islam Negeri Maulana Malik Ibrahim Malang

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.18860/cauchy.v10i2.36601

Abstract

This study evaluates and verifies the cryptanalysis of Peyrin \textit{et al.} on the SIMON-JAMBU64/96 Authenticated Encryption (AE) scheme, with the aim of extending the attack to a reduced number of tuples. We adopt both formal analysis and experimental validation, constructing collision-based distinguishers under a chosen-IV model and testing them with a decryption oracle. The main contribution is the demonstration that a distinguishing attack can be performed with just two tuples, showing that JAMBU is more vulnerable than previously assumed. We provide a detailed comparison of data complexity, where the two-tuple attack achieves a lower cost in the second phase ($4 \cdot 2^{48}$ queries) than the three-tuple attack ($6 \cdot 2^{48}$), at the expense of extra verification effort in the third phase. Overall, our results confirm that the SIMON-JAMBU64/96 scheme is susceptible to distinguishing, plaintext forgery, and plaintext-recovery attacks, thereby reaffirming and extending the findings of Peyrin \textit{et al.} to scenarios with more limited adversarial resources.
Enhancing Security in Cross-Border Payments: A Cyber Threat Modeling Approach Amiruddin, Amiruddin; Briliyant, Obrina Candra; Windarta, Susila; Setiadji, Muhammad Yusuf Bambang; Priambodo, Dimas Febriyan
JOIV : International Journal on Informatics Visualization Vol 9, No 6 (2025)
Publisher : Society of Visual Informatics

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.62527/joiv.9.6.3205

Abstract

Cross-border payment (CBP) systems are critical to the global economy but are increasingly susceptible to cyber threats due to their complex structures and diverse transaction models. This paper analyzes cyber vulnerabilities across four CBP models: correspondent banking (SWIFT), infrastructure (ApplePay), closed-loop (PayPal), and peer-to-peer (Ripple). It employs the STRIDE methodology and adapts the cyber threat modeling framework proposed by Khalil et al. Key objectives include identifying vulnerabilities, assessing the impact of threats, and proposing mitigation strategies. The corresponding banking model shows the highest threat impact due to extensive transaction elements crossing trust boundaries. In contrast, the closed-loop model demonstrates lower vulnerability because of fewer components outside its trust boundary. Peer-to-peer and infrastructure models present moderate risk levels influenced by blockchain transparency and infrastructure dependencies. Critical threats identified include abuse of authority, malware, and script injection, which can result in significant losses, such as financial theft, service outages, and data breaches. Results indicate that interactions between processes across trust boundaries exacerbate cyber risks. Strategic recommendations include reducing system complexity, reinforcing security protocols at trust boundaries, and integrating advanced threat detection mechanisms. The study highlights these vulnerabilities and risks and underscores the need for robust cybersecurity measures to protect CBP systems. This research contributes to the existing knowledge by providing a detailed threat assessment and practical insights for improving CBP security. Future studies should explore alternative modeling methods, update security contexts to reflect real-world scenarios, and analyze the impact of open banking technologies.
NSOC-VM: Kerangka Kerja Manajemen Kerentanan pada National Security Operation Center Nuha, Muhammad Azza Ulin; Windarta, Susila; Salman, Muhammad
Jurnal Teknologi Informasi dan Ilmu Komputer Vol 12 No 6: Desember 2025
Publisher : Fakultas Ilmu Komputer, Universitas Brawijaya

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.25126/jtiik.2025126

Abstract

Keamanan siber merupakan aspek penting dalam penyelenggaraan Infrastruktur Informasi Vital (IIV), yaitu sekumpulan infrastruktur strategis yang berdampak signifikan apabila mengalami gangguan. National Security Operation Center (NSOC) berperan sebagai pusat operasi keamanan siber nasional yang memberikan layanan keamanan bagi IIV. Di Indonesia, IIV menghadapi tingkat kerentanan dan ancaman siber yang tinggi, sementara pengelolaan kerentanannya masih menghadapi berbagai tantangan. Saat ini, belum tersedia kerangka kerja khusus yang mengatur pelaksanaan siklus manajemen kerentanan di NSOC untuk pelindungan IIV. Penelitian ini bertujuan untuk mengusulkan kerangka kerja National Security Operation Center-Vulnerability Management (NSOC-VM) yang dirancang untuk membantu NSOC dalam melakukan pengelolaan kerentanan. Kerangka kerja ini disusun dengan pendekatan Plan-Do-Check-Act (PDCA) dan dilengkapi dengan rekomendasi penerapan berdasarkan beberapa standar keamanan siber. Validasi dilakukan oleh sepuluh pakar yang memiliki keahlian dalam pelindungan IIV, operasional NSOC, dan manajemen kerentanan. Hasil penelitian menunjukkan bahwa kerangka kerja terdiri atas empat tahapan, sepuluh aktivitas utama, dan tiga puluh lima rekomendasi implementasi. Berdasarkan validasi yang dilakukan, kerangka kerja tersebut disetujui oleh para pakar sehingga dapat diterapkan oleh NSOC dalam mendukung pelindungan IIV di Indonesia.   Abstract Cybersecurity plays a pivotal role in safeguarding Critical Information Infrastructure (CII), which comprises strategic assets whose disruption could significantly impact national stability. The National Security Operation Center (NSOC) serves as Indonesia’s central entity for cybersecurity operations, providing protection and response capabilities for CII. However, CII in Indonesia continues to face high levels of cyber threats and vulnerabilities, while the implementation of comprehensive vulnerability management practices remains limited. Furthermore, a dedicated framework governing the vulnerability management lifecycle within the NSOC context has yet to be established. This study proposes the National Security Operation Center–Vulnerability Management (NSOC-VM) framework to enhance the effectiveness of vulnerability management activities at the NSOC. The framework is structured using the Plan-Do-Check-Act (PDCA) methodology and incorporates implementation recommendations aligned with recognized cybersecurity standards. Validation was carried out through expert judgment involving ten professionals with expertise in CII protection, NSOC operations, and vulnerability management. The validated framework consists of four phases, ten key activities, and thirty-five implementation recommendations. The experts confirmed the framework’s applicability and relevance, indicating its potential to support NSOC operations in strengthening CII protection in Indonesia.
Co-Authors Amiruddin Amiruddin Briliyant, Obrina Candra Dimas Febriyan Priambodo Muhammad Salman Muhammad Yusuf Bambang Setiadji Nuha, Muhammad Azza Ulin Purbasari, Imas Susanti, Bety Hayat Wuri Handayani