Securing Logins in Electronic Examination Systems for Tertiary Institutions Using Quick Response Code (QR) Technology and Multiple Hashing Algorithms

Abstract

This work is aimed at adding an extra layer of security to the login process of an electronic examination system as security has been identified as one of the critical success factors in the management of such exams. It proposes to secure the login process of an e-exam system through authentication and encryption to control access and avoid impersonation. A model of the e-exam system with Quick Response (QR) code generation capability was designed where a student’s matriculation number is accepted as input which is then converted into a two-dimensional bar code using a QR generator. Outputs from the QR code generator are then secured by encryption using MD5 and SHA-224 encryption algorithms. MD5 algorithm produces a 32-bit hash value which is further encrypted using SHA-224 that produces a resulting 56-bit hash value that is then saved in the password column of the user table in the database. This research resulted in a secure and web-based electronic examination authentication system implemented and tested on a client-server architecture. Performance evaluation of the developed system revealed that it is fast and effective, capable of authenticating students in an average of 0.624 seconds when the smartphone flashlight is off, and 0.318 seconds with flashlight turned on and consequently, resistant to brute force attacks. This paper fulfils an identified need to develop an electronic exam system that not only secures the question bank but equally ensures the security of the login process as well as the login details using a combination of two security techniques.