The increasing use of the Internet of Things (IoT) in security systems such as Smart Doors has created new challenges for data security, especially the risk of eavesdropping through sniffing attacks. This research proposes applying the One-Time Pad (OTP) XOR algorithm as an encryption method to protect QR Code-based data transmission in the Smart Door system. The implementation covers three main communication paths: sending the UUID from the server to the user's website, sending the QR Code scan results from the ESP32-CAM to the server, and sending instructions from the server to the ESP32 device. The test results show that the resulting ciphertext is always different even when the plaintext is the same, with a 0% algorithm identification success rate by Cipher Identifier and a 100% resistance level to brute-force XOR, based on testing using dCode.fr tools. In addition, the encryption and decryption processes are very fast, with an average encryption time on the ESP32-CAM of 0.34 milliseconds and an average decryption time on the ESP32 of 0.17 milliseconds. These results show that the OTP XOR algorithm is able to disguise data against basic cryptanalysis attacks and can run on resource-constrained IoT devices. For future work, better key management methods such as pre-shared keys (PSK), key rotation, or a key derivation function (KDF) are suggested to improve the security of key distribution in this symmetric system. In addition, the security system can be improved by separating the OTP key transmission path, using an approach such as Out-of-Band Key Exchange or asymmetric key wrapping with the RSA algorithm, so that the key remains protected even if sniffing occurs.
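The following is an added example, not code from the paper: a Python sketch of per-message OTP XOR as the abstract describes it. It shows why a fresh key makes identical plaintexts encrypt differently, and why key reuse or sending the key over the same sniffed path removes the protection. The function names and UUID values are constructed for illustration.

```python
import secrets
import uuid


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR two equal-length byte strings; OTP needs len(key) == len(data)."""
    if len(key) != len(data):
        raise ValueError("OTP key must be exactly as long as the message")
    return bytes(d ^ k for d, k in zip(data, key))


def otp_encrypt(plaintext: bytes) -> tuple:
    """Encrypt with a fresh random key; returns (key, ciphertext)."""
    key = secrets.token_bytes(len(plaintext))  # CSPRNG output, used once
    return key, xor_bytes(plaintext, key)


def otp_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    return xor_bytes(ciphertext, key)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """What a passive observer learns if one key encrypted both messages:
    the key cancels out and c1 XOR c2 equals p1 XOR p2."""
    return xor_bytes(c1, c2)


def demo() -> dict:
    # Constructed samples standing in for the UUID sent server -> website.
    p1 = str(uuid.UUID(int=0x1234)).encode()
    p2 = str(uuid.UUID(int=0x5678)).encode()

    k1, c1 = otp_encrypt(p1)
    _, c1_again = otp_encrypt(p1)   # same plaintext, new key
    bad_c2 = xor_bytes(p2, k1)      # misuse: k1 reused for a second message

    return {
        "roundtrip": otp_decrypt(c1, k1) == p1,
        "fresh_key_changes_ciphertext": c1 != c1_again,
        "reuse_leaks_xor_of_plaintexts":
            reuse_leak(c1, bad_c2) == xor_bytes(p1, p2),
        # Key and ciphertext captured on one path give the plaintext directly,
        # which is why the abstract proposes a separate key channel.
        "same_path_key_exposes_plaintext": xor_bytes(c1, k1) == p1,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```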
Copyrights © 2025