Data Security for School Service Top-Up Transactions Based on AES Combination Blockchain Technology
Abstract
The application of Blockchain technology has begun to be widely accommodated in industrial and business practitioner environments as a safeguard of transaction security so that now including the education sector, non-business institutions enjoy the use of this technology to support the learning process. Information on the protected Blockchain can be in the form of transactions, assets, identities, and other information packaged in digital form. Information is collected in the form of blocks that are interrelated by using the hash function as cryptographic encryption. This research uses Blockchain for online pocket money top-up transactions for students. The use of a centralized Blockchain is centralized to reduce server procurement costs, but to increase the security of transaction information, modification of each block series is carried out using the AES cryptographic approach. The results showed that the attack by inserting a Cross-Site Scripting (XSS) script if you want to know the value of the top-up transaction amount, you must be able to hack the cryptographic process. This is supported by chain validation testing to determine how many block changes have been changed.
Downloads
References
[2] D. Yaga, P. Mell, N. Roby, and K. Scarfone, "Blockchain Technology Overview," CoRR, vol. abs/1906.1, pp. 1–57, 2019, [Online]. Available: http://arxiv.org/abs/1906.11078.
[3] R. M. Parizi, A. Dehghantanha, K.-K. R. Choo, and A. Singh, "Empirical Vulnerability Analysis of Automated Smart Contracts Security Testing on Blockchains," CoRR, vol. abs/1809.0, pp. 103–113, 2018, [Online]. Available: http://arxiv.org/abs/1809.02702.
[4] A. Dorri, S. S. Kanhere, and R. Jurdak, "Blockchain in internet of things: Challenges and Solutions," CoRR, vol. abs/1608.0, pp. 1–13, 2016, [Online]. Available: http://arxiv.org/abs/1608.05187.
[5] N. M. Kumar and P. K. Mallick, "Blockchain technology for security issues and challenges in IoT," Procedia Computer Science, vol. 132, pp. 1815–1823, 2018, doi: 10.1016/j.procs.2018.05.140.
[6] R. Rivera, J. G. Robledo, V. M. Larios, and J. M. Avalos, "How digital identity on blockchain can contribute in a smart city environment," 2017 International Smart Cities Conference ISC2 2017, vol. 00, no. c, pp. 1–4, 2017, doi: 10.1109/ISC2.2017.8090839.
[7] T. G. N. R. Alamelu and R. Soundararajan, "Cryptography Using Neural Network," Proc. INDICON 2005 An International Conference of the IEEE India Council, vol. 2005, no. I, pp. 258–261, 2005, doi: 10.1109/INDCON.2005.1590168.
[8] S. D. Putra, M. Yudhiprawira, S. Sutikno, Y. Kurniawan, and A. S. Ahmad, "Power analysis attack against encryption devices: a comprehensive analysis of AES, DES, and BC3," TELKOMNIKA (Telecommunication, Computing, Electronics and Control,, vol. 17, no. 3, p. 1282, 2019, doi: 10.12928/telkomnika.v17i3.9384.
[9] S. Man and S. Shrestha, "C ++ Implementation of Neural Cryptography for Public Key Exchange and Secure Message Encryption with Rijndael Cipher," Academia.Edu, pp. 1–8, 2013, [Online]. Available: http://www.academia.edu/4055547/NeuroCrypto_C_Implementation_of_Neural_Cryptography_for_Public_Key_Exchange_and_Secure_Message_Encryption_with_Rijndael_Cipher.
[10] R. M. Awangga, "Peuyeum: A Geospatial {URL} Encrypted Web Framework Using Advance Encryption Standard-Cipher Block Chaining Mode," {IOP} Conf. Ser. Earth Environ. Sci., vol. 145, p. 12055, Apr. 2018, doi: 10.1088/1755-1315/145/1/012055.
[11] A. C. Nugraha, “Penerapan Teknologi Blockchain dalam Lingkungan Pendidikan,” Jurnal PRODUKTIF, vol. 4, no. 1, pp. 15–20, 2020.
[12] H. F. Putra and O. Penangsang, “Penerapan Blockchain dan Kriptografi untuk Keamanan Data pada Jaringan Smart Grid,” J. Tek. ITS, vol. 8, no. 1, pp. 11–16, 2019.
[13] A. Winarno, “Desain e-Transkip dengan Teknologi Blockchain,” Seminar Nasional Pakar ke 2, pp. 1–6, 2019.
[14] M. D. K. Perdani, Widyawan, and P. I. Santosa, “Blockchain Untuk Keamanan Transaksi Elektronik Perusahaan Financial Technology ( Studi Kasus Pada PT XYZ ),” Seminar Nasional Teknologi Informasi dan Multimedia, pp. 7–12, 2018.
[15] M. Benchoufi and P. Ravaud, "Blockchain technology for improving clinical research quality," Trials, vol. 18, no. 1, pp. 1–5, 2017, doi: 10.1186/s13063-017-2035-z.
[16] D. Efanov and P. Roschin, "The all-pervasiveness of the blockchain technology," Procedia computer science, vol. 123, pp. 116–121, 2018, doi: 10.1016/j.procs.2018.01.019.
[17] A. Wright and P. De Filippi, "Decentralized Blockchain Technology and the Rise of Lex Cryptographia," British Poultry Science, vol. 14, no. 2, pp. 149–152, 2015, doi: 10.1080/00071667308416007.
[18] M. Shabani, "Blockchain-based platforms for genomic data sharing: a decentralized approach in response to the governance problems?," Journal of the American Medical Informatics Association., vol. 26, no. 1, pp. 76–80, 2019, doi: 10.1093/jamia/ocy149.
[19] D. L. K. Chuen, Handbook of digital currency: Bitcoin, innovation, financial instruments, and big data. Academic Press, 2015.
[20] R. Henry, A. Herzberg, and A. Kate, "Blockchain access privacy: Challenges and directions," IEEE Secur. Priv., vol. 16, no. 4, pp. 38–45, 2018, doi: 10.1109/MSP.2018.3111245.
[21] P. Mahajan and A. Sachdeva, "A Study of Encrytion Algorithms AES, DES and RSA for Security," Exp. Mech., vol. 13, no. 15, p. 9, 2013, doi: 10.1007/BF02322384.
[22] D. A. Meko, “Jurnal Teknologi Terpadu Perbandingan Algoritma DES , AES , IDEA Dan Blowfish dalam Enkripsi dan Dekripsi Data Donzilio Antonio Meko Program Studi Teknik Informatika , STIMIK Kupang Jurnal Teknologi Terpadu,” Jurnal Teknologi Terpadu, vol. 4, no. 1, pp. 8–15, 2018.
[23] G. W. Bhaudhayana and I. M. Widiartha, “Implementasi algoritma kriptografi aes 256 dan metode steganografi lsb pada gambar bitmap,” Jurnal iImu Komputer. Univ. Udayana, vol. 8, no. 2, pp. 15–25, 2015.
[24] R. K. Meenakshi and A. Arivazhagan, "RTL Modelling for the Cipher Block Chaining Mode (CBC) for Data Security," Indonesian Journal of Electrical Engineering and Computer Science, vol. 8, no. 3, pp. 709–711, 2017, doi: 10.11591/ijeecs.v8.i3.pp709-711.
[25] A. Nugrahantoro et al., “Optimasi Keamanan Informasi Menggunakan Algoritma Advanced Encryption Standard ( AES ) Mode Chiper Block Chaining ( CBC ),” vol. XII, no. 1, pp. 12–21, 2020.
[26] R. Firmansyah and W. S. Prasetya, “Pencegahan Serangan Cross Site Scripting dengan Teknik Metacharacter pada Sistem e-Grocery,” Jurnal ENTER, vol. 1, no. Agustus, pp. 294–306, 2018.
[27] G. E. Rodríguez, J. G. Torres, P. Flores, and D. E. Benavides, “Cross-site scripting (XSS) attacks and mitigation: A survey,” Computer Networks, vol. 166, p. 106960, 2020, doi: https://doi.org/10.1016/j.comnet.2019.106960.
[28] D. Deuber, B. Magri, and S. A. K. Thyagarajan, "Redactable blockchain in the permissionless setting," Proc. - IEEE Symp. Secur. Priv., vol. 2019-May, pp. 124–138, 2019, doi: 10.1109/SP.2019.00039.
[29] N. Alzahrani and N. Bulusu, "Block-Supply Chain: A New Anti-Counterfeiting Supply Chain Using NFC and Blockchain," in Proceedings of the 1st Workshop on Cryptocurrencies and Blockchains for Distributed Systems, 2018, pp. 30–35, doi: 10.1145/3211933.3211939.
[30] G. Kumar, R. Saha, M. K. Rai, R. Thomas, and T. H. Kim, "Proof-of-Work Consensus Approach in Blockchain Technology for Cloud and Fog Computing Using Maximization-Factorization Statistics," IEEE Internet Things J., vol. 6, no. 4, pp. 6835–6842, 2019, doi: 10.1109/JIOT.2019.2911969.
The Authors submitting a manuscript do so on the understanding that if accepted for publication, the copyright of the article shall be assigned to Jurnal Lontar Komputer as the publisher of the journal. Copyright encompasses exclusive rights to reproduce and deliver the article in all forms and media, as well as translations. The reproduction of any part of this journal (printed or online) will be allowed only with written permission from Jurnal Lontar Komputer. The Editorial Board of Jurnal Lontar Komputer makes every effort to ensure that no wrong or misleading data, opinions, or statements be published in the journal.
This work is licensed under a Creative Commons Attribution 4.0 International License.