Rancang Bangun Mobile Secure Chat dengan Mengimplementasikan Metodologi SSDLC-Agile dan Kriptografi
Abstract
Along with the times, the exchange of information is becoming faster. People now use chat applications as a form of communication. With this application, users can easily exchange messages, whether in the form of text, images, audio, or video, without being limited by differences in distance and time. The information circulating varies, ranging from unclassified, private, to maybe confidential. Therefore, an encryption-decryption mechanism is needed so that users can exchange information safely through the mobile chat application. This study aims to implement the Rabin cryptosystem, symmetric encryption, and the use of session keys in a secure chat infrastructure for mobile applications. The test results showed that the combination of cryptographic applications and the Secure SDLC can increase security in application development, in this case for mobile secure chat.
Keywords
Full Text:
PDFReferences
Albarqi, A., Alzaid, E., Ghamdi, F. al, Asiri, S., & Kar, J. (2015). Public Key Infrastructure: A Survey. Journal of Information Security, 06(01), 31–37. https://doi.org/10.4236/jis.2015.61004
Ali, A. H., & Sagheer, A. M. (2017). Design of a secure android chatting application using end to end encryption. 2(1). www.jseis.org
Ali, R. M., & Alsaad, S. N. (2020). Instant messaging security and privacy secure instant messenger design. IOP Conference Series: Materials Science and Engineering, 881(1). https://doi.org/10.1088/1757-899X/881/1/012117
Aminudin, A., Helmi, A. F., & Arifianto, S. (2018). Analisa Kombinasi Algoritma Merkle-Hellman Knapscak dan Logaritma Diskrit pada Aplikasi Chat. Jurnal Teknologi Informasi Dan Ilmu Komputer, 5(3), 325. https://doi.org/10.25126/jtiik.201853844
Ansari, M. T. J., Pandey, D., & Alenezi, M. (2022). STORE: Security Threat Oriented Requirements Engineering Methodology. Journal of King Saud University - Computer and Information Sciences, 34(2), 191–203. https://doi.org/10.1016/j.jksuci.2018.12.005
Asbullah, M. A., Rezal, M., Ariffin, K., Asbullah, M. A., & Ariffin, M. R. K. (2016). Design of Rabin-Like Cryptosystem without Decryption Failure. In Malaysian Journal of Mathematical Sciences (Vol. 10).
Carita, S. S., & Wahyuni, E. S. (2022). Modifikasi Tanda Tangan Digital Pada Skema Esign Berbasis Kurva Eliptik. Jurnal Ilmiah SINUS, 20(2), 33. https://doi.org/10.30646/sinus.v20i2.625
checkmarx.com_glossary_a-secure-sdlc-with-static-source-code-analysis-tools. (n.d.). Retrieved December 1, 2022, from https://checkmarx.com/glossary/a-secure-sdlc-with-static-source-code-analysis-tools/
Conklin, L., & Robinson, G. (2017). CODE REVIEW GUIDE RELEASE. OWASP. https://www.owasp.org
Ebert, F., Castor, F., Novielli, N., & Serebrenik, A. (2021). An exploratory study on confusion in code reviews. Empirical Software Engineering, 26(1). https://doi.org/10.1007/s10664-020-09909-5
Fujdiak, R., Mlynek, P., Mrnustik, P., Barabas, M., Blazek, P., Borcik, F., & Misurec, J. (2019). Managing the Secure Software Development. 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), 1–4. https://doi.org/10.1109/NTMS.2019.8763845
H. Ali, A., & Sagheer, A. M. (2017). Design of an Android Application for Secure Chatting. International Journal of Computer Network and Information Security, 9(2), 29–35. https://doi.org/10.5815/ijcnis.2017.02.04
Hajrić, A., Smaka, T., Barakovic, S., & Baraković-Husić, J. (2020). Methods, Methodologies, and Tools for Threat Modeling with Case Study. Telfor Journal, 12, 56–61. https://doi.org/10.5937/telfor2001056H
Harn, L., & Ren, J. (2011). Generalized digital certificate for user authentication and key establishment for secure communications. IEEE Transactions on Wireless Communications, 10(7), 2372–2379. https://doi.org/10.1109/TWC.2011.042211.101913
Hema, V., Thota, S., Naresh Kumar, S., Padmaja, C., Rama Krishna, C. B., & Mahender, K. (2020). Scrum: An Effective Software Development Agile Tool. IOP Conference Series: Materials Science and Engineering, 981(2). https://doi.org/10.1088/1757-899X/981/2/022060
Hevianto Saputro, T., Hidayati, N., & Ujianto, E. (2020). SURVEI TENTANG ALGORITMA KRIPTOGRAFI ASIMETRIS. Jurnal Informatika Polinema, 6, 67–72. https://doi.org/10.33795/jip.v6i2.345
Hussain, S., Kamal, A., Ahmad, S., Rasool, G., & Iqbal, S. (2014). THREAT MODELLING METHODOLOGIES: A SURVEY. 26, 1607–1609.
Kuliya, M., & Abubakar, H. (2020). Secured Chatting System Using Cryptography. www.ijcrt.org
Kusumaningrum, A., Wijayanto, H., & Raharja, B. D. (2022). Pengukuran Tingkat Kesadaran Keamanan Siber di Kalangan Mahasiswa saat Study From Home dengan Multiple Criteria Decision Analysis (MCDA). Jurnal Ilmiah SINUS, 20(1), 69. https://doi.org/10.30646/sinus.v20i1.586
Laksono, A. C., & Prayudi, Y. (2021). Threat Modeling Menggunakan Pendekatan STRIDE dan DREAD untuk Mengetahui Risiko dan Mitigasi Keamanan pada Sistem Informasi Akademik. JUSTINDO (Jurnal Sistem & Teknologi Informasi Indonesia), 6(1).
Mallouli, F., Hellal, A., Sharief Saeed, N., & Abdulraheem Alzahrani, F. (2019). A Survey on Cryptography: Comparative Study between RSA vs ECC Algorithms, and RSA vs El-Gamal Algorithms. 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom), 173–176. https://doi.org/10.1109/CSCloud/EdgeCom.2019.00022
Mathas, C.-M., Vassilakis, C., Kolokotronis, N., Zarakovitis, C. C., & Kourtis, M.-A. (2021). On the Design of IoT Security: Analysis of Software Vulnerabilities for Smart Grids. Energies, 14(10). https://doi.org/10.3390/en14102818
McGraw, G. (2006). Software Security: Building Security In. 2006 17th International Symposium on Software Reliability Engineering, 6. https://doi.org/10.1109/ISSRE.2006.43
MM, R., T, A., & A, R. (2016). Development of Cryptography-Based Secure Messaging System. Journal of Telecommunications System & Management, 05(03). https://doi.org/10.4172/2167-0919.1000142
Mulya, M., Rismawati, N., & Trisanto, D. (2021). Analisis Dan Perancangan Simulasi Algoritma Paillier Cryptosystem Pada Pesan Text Dengan Presentation Format Binary, Octal, Hexadecimal dan Base64. Faktor Exacta, 13, 208. https://doi.org/10.30998/faktorexacta.v13i4.7429
Nayak, S., Das, S., Das, S., Sarker, S., Sarker, P., Dey, A., Sinha, A., Saha, J., Banerjee, A., Saha, N., Chowdhury, S., Chowdhury, D., Pradhan, P., Banerjee, A., Ali, S. A., Saha, A., Dey, R., & Dey, S. (2017). An application for end to end secure messaging service on Android supported device. 2017 8th IEEE Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), 290–294. https://doi.org/10.1109/IEMCON.2017.8117222
Policy, U. S., & Bodansky, D. (2015). LEGAL OPTIONS FOR U.S. ACCEPTANCE OF A NEW CLIMATE CHANGE AGREEMENT. https://ssrn.com/abstract=2652008
Prabowo, I. A., YS, W. L., & Wahyudi, W. (2022). The Application of the Blowfish Algorithm and the Least Significant Bit Method for Securing Student Transcripts. Jurnal Ilmiah SINUS, 20(2), 87. https://doi.org/10.30646/sinus.v20i2.622
Saleh, F., & El-Attar, M. (2015). A Scientific Evaluation of the Misuse Case Diagrams Visual Syntax. Information and Software Technology, 66. https://doi.org/10.1016/j.infsof.2015.05.002
Setyadi, G., & Kusumawati, Y. (n.d.). Risk Mitigation Asset And Information Technology Component Framework Based On OCTAVE And FMEA At The Dian Nuswantoro University. Journal of Information System.
Sharma, S., & Kapoor, V. (2017). A Novel Approach for Improving Security by Digital Signature and Image Steganography. International Journal of Computer Applications, 171(8), 7–11. https://doi.org/10.5120/ijca2017915145
Shen, Y. (2020). Research on Internet Information Security in the Big Data Era. 218. https://doi.org/10.1051/e3sconf/202021804008
Subari, A., & Iman Satoto, K. (n.d.). DESAIN WEB SECURE LOGIN DENGAN ALGORITMA ENKRIPSI SIMETRI RC-6.
Sugiantoro, B., Anshari, M., & Sudrajat, D. (2020). Developing Framework for Web Based e-Commerce: Secure-SDLC. Journal of Physics: Conference Series, 1566(1). https://doi.org/10.1088/1742-6596/1566/1/012020
Sulaksono, D. H., Prabiantissa, C. N., Yuliastuti, G. E., Taqwa, A. R., Informatika, T., Elektro, T., Informasi, T., Adhi, T., & Surabaya, T. (2021). Implementasi Kriptografi dengan Metode Elliptic Curve Cryptography (ECC) untuk Aplikasi Chatting Berbasis Android. Seminar Nasional Sains Dan Teknologi Terapan, 570.
Tung, Y.-H., Lo, S.-C., Shih, J.-F., & Lin, H.-F. (2016). An integrated security testing framework for Secure Software Development Life Cycle. 2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS), 1–4. https://doi.org/10.1109/APNOMS.2016.7737238
Wang, Z., Zuo, M., Yao, S., & Aihemaiti, N. (2020). Internet of Vehicles Based on TrustZone and Optimized RSA. IOP Conference Series: Materials Science and Engineering, 782(2). https://doi.org/10.1088/1757-899X/782/2/022073
Zebua, T., Kristianto Hondro, R., Ndruru, E., Stiekom, A., Utara, S., Budi, S., & Medan, D. (2018). Message Security on Chat App based on Massey Omura Algorithm. International Journal Of Information System & Technology, 1(2), 16–23.
DOI: http://dx.doi.org/10.30646/sinus.v21i1.660
Refbacks
- There are currently no refbacks.
STMIK Sinar Nusantara
KH Samanhudi 84 - 86 Street, Laweyan Surakarta, Central Java, Indonesia
Postal Code: 57142, Phone & Fax: +62 271 716 500
Email: ejurnal @ sinus.ac.id | https://p3m.sinus.ac.id/jurnal/e-jurnal_SINUS/
ISSN: 1693-1173 (print) | 2548-4028 (online)
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.