This study aims to enhance security and efficiency in the digital distribution of salary slips within the XYZ Higher Education environment. The proposed method combines hybrid encryption using the Advanced Encryption Standard (AES-128) and Rivest–Shamir–Adleman (RSA) algorithms, as well as integrates Time-Based One-Time Password (TOTP) for two-factor authentication. This approach ensures the confidentiality of sensitive data while minimizing the potential for data leakage or unauthorized access to employee salary information. In its implementation, the system is designed using the Laravel framework and the Scrum software development methodology, enabling an iterative, measurable, and easily adaptable development process. Testing results indicate that the system can distribute salary slips with an average data encryption time of 0.15 milliseconds per slip (using AES-128), and an average AES key decryption time with RSA of 5 milliseconds per operation over 100 test iterations. Furthermore, when two-factor authentication (TOTP) was applied, the rate of unauthorized access attempts dropped to 0% across 50 brute force attack simulation attempts. Thus, the hybrid encryption approach is proven effective in maintaining data integrity, and the integration of TOTP enhances user authentication security. These quantitative findings establish the system as a more measurable reference model for other institutions seeking to manage sensitive data securely, efficiently, and reliably.

Penelitian ini bertujuan untuk meningkatkan keamanan dan efisiensi dalam pendistribusian slip gaji secara digital. Metode yang diusulkan yaitu memadukan enkripsi hibrida menggunakan algoritma (Advanced Encryption Standard) AES-128 dan (Rivest–Shamir–Adleman) RSA, serta mengintegrasikan Time-Based One-Time Password (TOTP) sebagai autentikasi dua faktor. Pendekatan ini memastikan kerahasiaan data sensitif, sekaligus meminimalkan potensi kebocoran atau akses tidak sah terhadap informasi gaji karyawan. Dalam implementasinya, sistem dirancang menggunakan kerangka kerja Laravel dan metodologi pengembangan perangkat lunak Scrum, sehingga memungkinkan proses pengembangan yang iteratif, terukur, dan mudah diadaptasi. Hasil pengujian menunjukkan bahwa sistem dapat mendistribusikan slip gaji dengan rata-rata waktu enkripsi data sebesar 0,15 milidetik per slip (menggunakan AES-128) dan waktu dekripsi kunci AES menggunakan RSA rata-rata 5 milidetik per operasi, pada skenario 100 percobaan. Selain itu, saat pengujian autentikasi dua faktor (TOTP) diterapkan, tingkat kegagalan akses tidak sah menurun hingga 0% pada 50 percobaan simulasi serangan bruteforce. Dengan demikian, enkripsi hibrida terbukti efektif dalam menjaga integritas data, dan integrasi TOTP meningkatkan tingkat keamanan autentikasi pengguna. Hasil kuantitatif ini dapat dijadikan sebagai model acuan yang lebih terukur bagi institusi lain yang ingin mengelola data sensitif secara aman, dan andal.

N. Afni, R. Pakpahan, and A. Rezky Jumarah, "Rancang Bangun Sistem Informasi Penggajian Dengan Implementasi Metode Waterfall" Jurnal Ilmu Komputer, vol. VII, Dec. 2019.

M. A. Hasan and D. Setiawan, "Aplikasi Keamanan Data Berbasis Web Menggunakan Algoritma AES 128 Untuk Enkripsi Dan Dekripsi Data" 2022.

T. Hidayat and R. Mahardiko, "A Systematic Literature Review Method On AES Algorithm for Data Sharing Encryption On Cloud Computing" International Journal of Artificial Intelligence Research, vol. 4, no. 1, 2020, doi: 10.29099/ijair.v4i1.154.

[4] M. N. Alenezi, H. Alabdulrazzaq, and N. Q. Mohammad, "Symmetric Encryption Algorithms: Review and Evaluation study" International Journal of Communication Networks and Information Security (IJCNIS), vol. 12, no. 2, 2020.

R. Imam, Q. M. Areeb, A. Alturki, and F. Anwer, "Systematic and Critical Review of RSA Based Public Key Cryptographic Schemes: Past and Present Status" IEEE Access, vol. 9, pp. 155949-155976, 2021, doi: 10.1109/ACCESS.2021.3129224.

R. Akter, M. A. R. Khan, F. Rahman, S. J. Soheli, and N. J. Suha, "RSA and AES Based Hybrid Encryption Technique for Enhancing Data Security in Cloud Computing" International Journal of Computational and Applied Mathematics & Computer Science, vol. 3, pp. 60-71, 2023, doi: 10.37394/232028.2023.3.8.

S. Deepika, V. D. L. Rajeswari, R. Yamini Varma, S. Ramya, and M. Y. Vineela Sravya, "Secure data transmission using hybrid cryptography" Journal of Emerging Technologies and Innovative Research (JETIR), vol. 8, no. 8, 2021.

V. Mahesh, B. Batta, and L. K. Suresh Kumar, "RSA-AES Hybrid Encryption: Combining The Strengths Of Two Powerful Algorithms For Enhanced Security" International Journal of Research and Analytical Reviews, 2023.

K. Jaspin, S. Selvan, S. Sahana, and G. Thanmai, "Efficient and secure file transfer in cloud through double encryption using AES and RSA algorithm" in 2021 International Conference on Emerging Smart Computing and Informatics (ESCI), 2021, pp. 791-796, doi: 10.1109/ESCI50559.2021.9397005.

F. Nuraeni, D. Kurniadi, N. Rahayu, and J. I. Komputer, "Implementation Of RSA And AES-128 Super Encryption On QR-Code Based Digital Signature Schemes For Document Legalization" Jurnal Teknik Informatika (JUTIF), vol. 5, no. 3, pp. 675-684, 2024, doi: 10.52436/1.jutif.2024.5.3.1426.

T. Suleski, M. Ahmed, W. Yang, and E. Wang, "A review of multi-factor authentication in the Internet of Healthcare Things" Digital Health, vol. 9, 2023.

L. Lumburovska, J. Dobreva, S. Andonov, H. M. Trpcheska, and V. Dimitrova, "A Comparative Analysis of HOTP and TOTP Authentication Algorithms. Which one to choose?" 2023.

H. Edison, X. Wang, and K. Conboy, "Comparing Methods for Large-Scale Agile Software Development: A Systematic Literature Review" IEEE Transactions on Software Engineering, vol. 48, no. 8, pp. 2709-2731, 2022, doi: 10.1109/TSE.2021.3069039.

M. Amini, A. Rahmani, M. Abedi, M. Hosseini, M. Amini, M. Amini, and M. Gostar, "Mahamgostar.Com As A Case Study For Adoption Of Laravel Framework As The Best Programming Tools For Php Based Web Development For Small And Medium Enterprises" 2020. [Online]. Available: www.mahamgostar.com

[Y. Wahyudin and D. N. Rahayu, "Analisis Metode Pengembangan Sistem Informasi Berbasis Website: A Literature Review" Jurnal Interkom: Jurnal Publikasi Ilmiah Bidang Teknologi Informasi Dan Komunikasi, vol. 15, no. 3, pp. 26-40, 2020, doi: 10.35969/interkom.v15i3.74.

A. C. Sassa, I. A. De Almeida, T. Nakagomi, F. Pereira, and M. S. De Oliveira, "Scrum: A Systematic Literature Review" International Journal of Advanced Computer Science and Applications (IJACSA), vol. 14, no. 4, 2023.

Z. Purnomo Prodi Sistem Informasi, J. Karim Prodi Sistem Informasi, B. Senung Prodi Sistem Informasi, dan S. Abdussamad, "Sistem Informasi Jasa Pemesanan Percetakan Berbasis Android" Jambura Journal of Electrical and Electronics Engineering, vol. 2, no. 2, hlm. 44-51, Jul 2020, doi: https://doi.org/10.37905/jjeee.v2i2.6006.