Implementasi JSON Web Token Berbasis Algoritma SHA-512 untuk Otentikasi Aplikasi BatikKita
Implementasi JSON Web Token Berbasis Algoritma SHA-512 untuk Otentikasi Aplikasi BatikKita
Abstract
Batikkita is an android based application and web framework laravel web service architecture that is used to bring together between craftsmen and consumers of batik Trusmi and batikkita application with the e-commerce model used is business to customer. The backend system interface used is a web framework while the frontend system interface used is android. The problem that arises from the Batikkita application is that the security of users, both as sellers and consumers, is very vulnerable to being hacked, so it is very detrimental to both sellers and buyers. This study aims to implement the JSON Web Token based on the HMAC SHA-512 algorithm in the Batikkita application in order to provide a sense of security for both the seller and the buyer before entering the sales transaction page. The application development method used is Rapid Application Development because the cycle used to develop our batik application is very short so it is very helpful in this research. While the implementation of JSON Web Token with the HMAC SHA-512 algorithm in the Batikkita application is used to improve user security when logging in to the Batikkita application in the form of a token and the password used by the user is wrapped in a token given by the Batikkita application. As a comparison, the HMAC SHA-256 algorithm and the HMAC SHA-384 algorithm are used. The results obtained from testing the implementation of JSON Web Token with the SHA-512 algorithm in our batik application, for an average increase of speed between 138.8 milliseconds for SOAP and 122.7 milliseconds for REST compared to the HMAC SHA-256 algorithm and the HMAC SHA-algorithm. 384. While the required token size is greater between 2.13 kb for SOAP and 2.11 kb for REST compared to the HMAC SHA-256 algorithm and the HMAC SHA-384 algorithm.
Downloads
References
A. Rahmatulloh, H. Sulastri, dan R. Nugroho, “Keamanan RESTful Web Service Menggunakan JSON Web Token ( JWT ) HMAC SHA-512,” JNTETI, vol. 7, no. 2, hal. 131–137, 2018.
R. Gunawan dan A. Rahmatulloh, “JSON Web Token ( JWT ) untuk Authentication pada Interoperabilitas Arsitektur berbasis RESTful Web Service,” JEPIN (Jurnal Edukasi dan Penelit. Inform., vol. 5, no. 1, hal. 74–79, 2019.
Edy, Ferdiansyah, W. Pramusinto, dan S. Waluyo, “Pengamanan Restful API menggunakan JWT untuk Aplikasi Sales Order,” J. RESTI, vol. 3, no. 2, hal. 106–112, 2019.
A. P. Aldya, A. Rahmatulloh, dan M. N. Arifin, “Stateless Authentication with JSON Web Tokens using RSA-512 Algorithm,” J. INFOTEL, vol. 11, no. 2, hal. 36–42, 2019.
A. Rahmatulloh, R Gunawan, dan F. M. S. Nursuwars, “Performance comparison of signed algorithms on JSON Web Token Performance comparison of signed algorithms on JSON Web Token,” in SICIR, 2019, hal. 1–9.
B. E. Sabir, M. Youssfi, O. Bouattane, dan H. Allali, “Authentication and load balancing scheme based on JSON Token for Multi-Agent Systems,” Procedia Comput. Sci., vol. 148, hal. 562–570, 2019.
L. V. Jánoky, J. Levendovszky, dan P. Ekler, “An analysis on the revoking mechanisms for JSON Web Tokens,” Int. J. Distrib. Sens. Networks, vol. 14, no. 9, hal. 1–10, 2018.
Z. Da, W. Yang, P. Ran, dan Y. Huo, “Program Design of JSON to Structured Data Conversion,” in MATEC Web of Conferences, 2017, vol. 139, hal. 1–4.
A. W. P. Putra, A. Bhawiyuga, dan M. Data, “Implementasi Autentikasi JSON Web Token ( JWT ) Sebagai Mekanisme Autentikasi Protokol MQTT Pada Perangkat NodeMCU,” J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 2, no. 2, hal. 584–593, 2018.
D. I. Nassr, “Secure Hash Algorithm-2 formed on DNA,” J. Egypt. Math. Soc., vol. 27, no. 1, hal. 1–20, 2019.
M. Ahmad, E. Al Solami, X. Y. Wang, M. N. Doja, M. M. Sufyan Beg, dan A. A. Alzaidi, “Cryptanalysis of an image encryption algorithm based on combined chaos for a BAN system, and improved scheme using SHA-512 and hyperchaos,” Symmetry (Basel)., vol. 10, no. 7, hal. 1–18, 2018.
M. A. Nazal, R. Pulungan, dan M. Riasetiawan, “Data Integrity and Security using Keccak and Digital Signature Algorithm (DSA),” IJCCS (Indonesian J. Comput. Cybern. Syst., vol. 13, no. 3, hal. 273–282, 2019.
A. Sideris, T. Sanida, dan M. Dasygenis, “High Throughput Implementation of the Keccak Hash Function Using the Nios-II Processor,” Technologies, vol. 8, no. 1, hal. 15, 2020.
N. Abdoun, S. El Assad, T. M. Hoang, O. Deforges, R. Assaf, dan M. Khalil, “Designing Two Secure Keyed Hash Functions Based on Sponge Construction and the Chaotic Neural Network,” Entropy J., vol. 2, no. 2, hal. 1–32, 2020.
H. Tiwari dan K. Asawa, “A secure and efficient cryptographic hash function based on NewFORK-256,” Egypt. Informatics J., vol. 13, no. 3, hal. 199–208, 2012.
K. Seetharaman dan R. Ragupathy, “LDPC and SHA based iris recognition for image authentication,” Egypt. Informatics J., vol. 13, no. 3, hal. 217–224, 2012.
Andri, “Penerapan Algoritma Pencarian Binary Search dan QuickSort pada Aplikasi Kamus Bahasa Palembang Berbasis Web,” J. Inform. J. Pengemb. IT, vol. 04, no. 01, hal. 70–74, 2019.
A. P. Atmaja dan A. Azis, “Sistem Informasi Terintegrasi Evaluasi Kegiatan Mengajar Dosen Sebagai Implementasi Sistem Penjaminan Mutu Internal,” J. Matrix, vol. 9, no. 1, hal. 1–6, 2019.
R. R. Sani dan D. Kurniawan, “Rancang Bangun Sistem Try Out Berbasis Paperless Untuk Evaluasi Hasil Belajar Siswa Dengan MVC,” J. Teknol. Inf. dan Ilmu Komput., vol. 6, no. 3, hal. 277–286, 2019.
A. P. Atmaja dan S. V. Yulianto, “Integrated Student portal Menggunakan Metode Pengembangan Siklus Pendek,” JIPI (Jurnal Ilm. Penelit. dan Pembelajaran Inform., vol. 03, no. 01, hal. 24–31, 2018.
A. H. Faqih, T. G. Laksana, dan A. Febriati, “Sistem informasi reporting curiculum vitae karyawan menggunakan metode rapid application development berbasis website di PT. PINS Indonesia,” JIPI (Jurnal Ilm. Penelit. dan Pembelajaran Inform., vol. 03, no. 01, hal. 69–75, 2018.
S. Mcdonald et al., “Environmental Modelling & Software Web-based decision support system tools : The Soil and Water Assessment Tool Online visualization and analyses ( SWATOnline ) and NASA earth observation data downloading and reformatting tool ( NASAaccess ),” Environ. Model. Softw., vol. 120, no. August, hal. 104499, 2019.
O. Dagdeviren, V. K. Akram, dan A. Farzan, “A Distributed Evolutionary Algorithm for Detecting Minimum Vertex Cuts for Wireless Ad hoc and Sensor Network,” J. Netw. Comput. Appl., vol. X, hal. 1–39, 2018.
H. Wu, C. Bailey, P. Rasoulinejad, dan S. Li, “Automated Comprehensive Adolescent Idiopathic Scoliosis,” Med. Image Anal., hal. 1–31, 2018.
J. S. Jeong dan Á. Ramírez-Gómez, “Development of a web graphic model with Fuzzy-DEcision-MAking Trial and Evaluation Laboratory/Multi-Criteria-Spatial Decision Support System (F-DEMATEL/MC-SDSS) for sustainable planning and construction of rural housings,” J. Clean. Prod., hal. 1–31, 2018.
A. Sunardi dan Suharjito, “ScienceDirect ScienceDirect MVC Architecture : A Comparative Study Between Laravel Framework and Slim Framework in Freelancer Project Monitoring System Web Based,” Procedia Comput. Sci., vol. 157, hal. 134–141, 2019.
Y. Rhazali, Y. Hadi, dan A. Mouloudi, “Model Transformation with ATL into MDA from CIM to PIM Structured through MVC,” Procedia - Procedia Comput. Sci., vol. 83, no. Fams, hal. 1096–1101, 2016.
N. Prokofyeva dan V. Boltunova, “Analysis and Practical Application of PHP Frameworks in Development of Web Information Systems,” Procedia - Procedia Comput. Sci., vol. 104, no. December 2016, hal. 51–56, 2017.
D. Pop dan A. Altar, “Designing an MVC Model for Rapid Web Application Development,” Procedia Eng., vol. 69, hal. 1172–1179, 2014.
J. Gracia dan E. Bayo, “An effective and user-friendly web application for the collaborative analysis of steel joints,” Adv. Eng. Softw., vol. 119, no. March 2017, hal. 60–67, 2018.
A. Zaif dan A. E. Cerchia, “Integrating Online Marketing Strategies in B2B Companies,” Ovidius Univ. Ann. Econ. Sci. Ser., vol. XIX, no. 2, hal. 614–620, 2019.
P. Jasek, L. Vrana, L. Sperkova, Z. Smutny, dan M. Kobulsky, “Comparative analysis of selected probabilistic customer lifetime value models in online shopping,” J. Bus. Econ. Manag., vol. 20, no. 3, hal. 398–423, 2019.
J. Zhang, L. Li, dan Y. Qian, “A Study of Online Review Promptness in a B2C System,” Discret. Dyn. Nat. Soc., vol. 2016, hal. 1–10, 2016.
N. B. Puspitasari, S. N. W. P, D. N. Amyhorsea, dan A. Susanty, “Consumer ’ s Buying Decision -Making Process in E-Commerce,” in E3S Web of Conferences, 2018, vol. 11003, no. September 2016, hal. 1–6.
N. AlMajed, L. A. Maglaras, F. Siewe, H. Janicke, dan P. Bagheri Zadeh, “Prevention of crime in B2C E-Commerce: How E-Retailers/Banks protect themselves from Criminal Sctivities,” ICST Trans. Secur. Saf., vol. 3, no. 7, hal. 1–15, 2016.
W. Xu dan B. Li, “The third party logistics partner selection of B2C E-commerce enterprise,” MATEC Web Conf., vol. 100, hal. 1–10, 2017.
R. Li dan T. Sun, “Assessing factors for designing a successful B2C E-Commerce website using fuzzy AHP and TOPSIS-Grey methodology,” Symmetry (Basel)., vol. 12, no. 3, hal. 1–26, 2020.
Copyright (c) 2020 Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi)
This work is licensed under a Creative Commons Attribution 4.0 International License.
Copyright in each article belongs to the author
- The author acknowledges that the RESTI Journal (System Engineering and Information Technology) is the first publisher to publish with a license Creative Commons Attribution 4.0 International License.
- Authors can enter writing separately, arrange the non-exclusive distribution of manuscripts that have been published in this journal into other versions (eg sent to the author's institutional repository, publication in a book, etc.), by acknowledging that the manuscript has been published for the first time in the RESTI (Rekayasa Sistem dan Teknologi Informasi) journal ;