Improvement security in e-business systems using hybrid algorithm

E-business security becomes an important issue in the development of technology, to ensure the safety and comfort of transactions in the exchange of information is privacy. This study aims to improve security in e-business systems using a hybrid algorithm that combines two types of keys, namely symmetric and asymmetric keys. Encryption and decryption of messages or information carried by a symmetric key using the simple symmetric key algorithm and asymmetric keys using the Rivest Shamir Adleman (RSA) algorithm. The proposed hybrid algorithm requires a high running time in the decryption process compared to the application of a single algorithm. The level of security is stronger because it implements the process of message encryption techniques with two types of keys simultaneously.


INTRODUCTION
E-business systems have an important role in transaction management and business processes, and can create a competitive advantage, to compete in marketing and customer service development. Rice milling business is one of the processing industry category businesses [1] which produces rice production that is ready to be marketed, so this business has an important role in the agribusiness system in rice in Indonesia [2]. The need for increased customer service and transaction security, for business process management and presenting information in real-time, has become a new revolution as a breakthrough in utilizing the capabilities of internet technology using e-business [3]. Internet networks have innovated civilization from all directions, and have transformed business processes into a series of electronic-based financial transactions [4]. E-business systems accessed through the internet for business process management, electronic commerce, transactions between business partners, customers, suppliers, and other stakeholders in the company [5]. The development of e-business systems can improve customer service [6], business efficiency, and provide information according to user needs [7], [8]. The opportunity for e-business [9] to become a means of supporting business is the strength of the company is competing in modern markets [10]. Management of business transactions in an e-business system creates various problems, one of which is transaction security [11]. Security guarantees in e-business systems must be provided [12], to maintain the convenience of customers and companies in conducting business transactions. Security implementation can be done through various techniques such as encryption with homomorphic algorithms [13]. Risk control to ensure transaction security in system development with electronic transactions using a quantitative model. Determination of standards and limits of transaction security involving automatic information exchange using a checker model [14]. E-business maturity is a combination of various business processes that involve business structure and activity management, which utilize technology to improve services and convenience in transactions [15]. Security issues become a challenge for electronic transactions involving online communication, so a system that can protect against attacks or misuse of data is needed, as a result of business process complex problems and information exchange vulnerabilities, so a security model with cryptographic techniques is developed [16]. An e-business system is said to be good if it can accommodate all business processes, and meet the information needs of its users [17], share information about products and can directly conduct transactions.
Encryption in cryptography is a process of encoding information that refers to the security of computer-based information content. The digital signature authentication system uses the concept of asymmetric key cryptography, implementing hash functions to ensure document authenticity and integrity. Factors affecting the insecurity of information exchange can arise due to, inexperienced users, weak passwords, or improperly configured security settings [18]. Transaction security in e-business is carried out based on the sequence of activities. Security facilities for selling products and improving services can assist in providing references for information improvement. Two common methods are used to secure and protect the information, namely cryptography and steganography. Information security is very important because it supports the performance of e-business systems, in improving services to customers [19]. Cryptography is a technique of making messages or information secret and can only be accessed by authorized users through an encryption process using a mathematical model to recover secret keys from cryptographic devices [20]. This study aims to improve security in the e-business system for rice milling small and medium-sized enterprises (SMEs) by implementing cryptographic algorithms, which can strengthen passwords on user accounts and hide the exchange of transaction information. Digital transaction security transmitted over computer networks can be secured, using cryptographic techniques, which combine symmetric and asymmetric keys, so that only authorized users can access and view confidential data information, by implementing a hybrid algorithm for message encoding [21]. The proposed hybrid algorithm uses a combination of simple symmetric algorithms and the use of public and private keys by applying the Rivest Shamir Adleman (RSA) algorithm.

PROPOSED HYBRID ALGORITHM
Cryptographic techniques are the process of encrypting confidential or private information to maintain the confidentiality of messages, except for authorized users. There are two important components in the data encryption process, namely algorithms and keys. Algorithms are generally published while keys are kept secret to ensure security. The application of cryptography is divided into two types of keys, namely symmetrical and asymmetrical. This study proposes a hybrid algorithm that combines the use of the symmetric key and an asymmetric key simultaneously to encrypt messages. The application of symmetric keys uses a simple symmetric algorithm, and the application of asymmetric keys uses the RSA algorithm, based on two mathematical problems, namely number factorization and modulo operations. The application of this algorithm produces two different keys but connected mathematically [22]. The key for the encryption process is known as the public key and the key used for decryption is the private key. Both are key pairs that will be used in securing messages or information [23], [24]. The steps of the hybrid algorithm are shown in Figure 1, which is described as follows; − The plaintext is original or initial messages like human language in general. − Encryption is the process of encoding a message plaintext into ciphertext using a specific algorithm to generate a public key, resulting in messages that have no meaning. − Decryption is the process of translating the message encrypted (ciphertext) using a private key, thereby producing an understandable message (plaintext). − Chipertext is a message that has been encrypted and cannot be understood by unauthorized or legitimate users. Information security by applying a hybrid algorithm consists of two actors, namely the sender and receiver of the message. The message encoding stage begins with plaintext which is the original information that will be sent by the sender of the message, then the symmetric key encryption process is carried out using a simple symmetric algorithm, the results of symmetric key encryption are used in the asymmetric key TELKOMNIKA Telecommun Comput El Control  Improvement security in e-business systems using hybrid algorithm (L Sumaryanti) 1537 encryption process that applies the RSA algorithm [25], and produces a public key. Chipertext can be read by doing the decryption process using a private key and producing plaintext that is still encrypted, then the results are used in the decryption process with a symmetric key to producing the original message or plaintext. The application of the RSA algorithm consists of three main processes, namely key generation, encryption, and decryption [26].

Simple symmetric algorithm
Application of symmetric key with an encryption and decryption process using the same key [27]. Senders and recipients of messages use the same key model to be able to access information [28]. Symmetric algorithms are most commonly used because they can be combined with other algorithms to increase security, have good hardware and software performance, efficiency, and flexibility [29]. Symmetric key modeling according to alphabetic letters from A to Z, and numeric from 0 to 9, by providing integer initialization for each alphabet and numeric, such as A=1, B=2…., 9=36. Meanwhile, spaces are initialized with the integer 37. − Encryption technique a. Make a simple integer initialization for each letter of the alphabet and numeric, assuming I b. Choose an integer randomly assume it is n c. Find the value n -1 using the mod 37 operation, assume it is k d. Choose a negative number as a safeguard, assume na e. Find the value of n a -1 using mod 37, assume it is k1 − Decryption technique a. The assignment of a value in the form of an integer according to the initialization for each letter in the ciphertext, assume it is I b. Multiply the value I by the random value selected in the encryption process o get the values of k and k1 c. Calculate using the 37 modulo operation d. Find the plaintext with P=(I*k*k1) mod 37

Application of asymmetric keys using the RSA algorithm
RSA algorithm has a working concept that is factoring two large integers so that it becomes a problem that is difficult and challenging, but the encryption strength lies in the key length, if we add the length or size of the key is the encryption level will also increase gradually [30]. The main use of the RSA algorithm because it is the most secure key exchange mechanism [31], the appropriate domain for the implementation of this algorithm is to secure digital key transport signatures [32]. The stages of the RSA algorithm is described as follows [33]. − Procedure for generating keys a. Choose two large prime numbers at random p and q, the condition p≠q. b. Calculate the value of n=p×q. c. Calculate m=(p-1)(q-1). d. Select an integer e such that 1<e<m

Hybrid algorithm
The application of a hybrid algorithm is based on the concept of working two key types namely symmetric and asymmetric keys. This algorithm combines the two keys simultaneously on message encryption and decryption process, the merger of two key reasons, in order to improve the security message with the modified algorithm. Several previous studies have implemented several algorithm modifications [34] to improve the security of information exchange using cryptographic techniques. The proposed algorithm works: − Encryption process Encoding the original message is called "plaintext", done in the following steps; a. Plaintext encryption uses a symmetric key, the encryption technique applies a simple symmetric algorithm, with work steps as shown in sub-chapter 2.1. b. Generating public and private keys for asymmetric keys using the RSA algorithm. c. The encryption result in point (a) is used as plaintext in the next encryption process by applying the RSA algorithm using a public key, the work steps are shown in sub-chapter 2.2. This process will produce ciphertext. − Decryption process a. The translation of ciphertext messages begins with applying an asymmetric key, namely, decryption using the RSA algorithm with a private key, the work steps can be seen in sub-chapter 2.2. The results of the decryption process will produce plaintext that will be used in the next process. b. Decryption with a symmetric key using a simple symmetric algorithm, the process of translating the message from point (a) with the symmetric private key, which produces plaintext or the original message.

RESULTS AND ANALYSIS 3.1. Selection of integer value for plaintext initialization
Implementation of a symmetric key algorithm begins by selecting an integer for each letter of the alphabet and numeric. Determining the value of the integer will be used in the encryption and decryption process by applying the symmetric key. The initialization stages of integer values for alphabetic letters start from A to Z, with integer values ranging from 1 to 26. An example of its application is shown in Table 1. Table 2, it shows the results of selecting integer values for numeric values starting from 0 to 9 and one for the space character. This stage will be used in the next process, namely the encryption and decryption process using a symmetric key.

Plaintext for testing samples
The message used as a sample for the implementation of cryptography in e-business systems combines two types of keys, namely symmetric and asymmetric. For symmetric keys using simple keys while asymmetric keys apply the RSA algorithm. Trial sample text message security using "SIMPLE" shown in Table 3. The process of encrypting messages sent by the sender begins by determining the integer value for the sample message to be used based on the references from Table 1. The next step is to create a simple symmetric key and an asymmetric key using the RSA algorithm.

Preparation of simple symmetric key
The steps to generate this key are described in the following steps: − Choose a random integer, assume n=5. − Find the inverse of n by applying the mod 37 operation, so that n-1=15 is obtained, verify the inverse result by multiplying two numbers, then mod 37. (5x15 mod 37=1), then the first key (k)=15. − Again choosing a random negative number, assume na=-3. − Find the inverse of na=-3 with mod 37 operation, get the value of na-1=12, verify (-3x12 mod 37=1), then the second key k1=12. Result of the encryption process using simple symmetric key algorithms are shown in Table 4.

Generate keys RSA algorithm
− Choose a prime number p=5 and q=11, p≠q terms. − Calculating the value of n=(5x11=55) − Calculate the value of m=(5-1)x(11-1)=40 − Choose the integer e=3 condition 1 <e <m − Compute d to satisfy the congruence relationship 3×27=1 mod 40; so that the value of d=27, make it a private key − Determination of the public key, namely e, n=(3, 55) and the private key, namely n, d=(55, 27). The results of the encryption key application using the RSA algorithm are shown in Table 5.

Encryption using the RSA algorithm
RSA algorithm encryption process based on the key that has been created, namely: C=P e mod n, based on the previous stages is known the value of e=3, and n=55. The message is used for encryption using symmetric key encryption results in Table 4. Results of the RSA encryption algorithm, shown in Table 5.

Hybrid algorithm decryption
The decryption process using a hybrid algorithm is carried out by translating a sample message, namely "KM0SE9", by combining the RSA and symmetric algorithms, so that a plaintext message can be obtained that can be accessed by the recipient. The working steps of the hybrid algorithm to carry out the decryption process are described as follows;

Decryption using RSA
Encryption results of the message sample "KM0SE9" in Table 5, are used for the description process by applying the RSA algorithm. The steps taken to produce the translation of the decrypted message  Table 6, assuming the values of d=27 and n=55.

Symmetric algorithm decryption
The final stage for translating the message is done by a decryption process using a symmetric key algorithm. In the previous process, it was known that the values of k=15 and k1=12, so that to translate the ciphertext into the original message "plaintext" P=(I*k*k1) mod 37, I is the decrypted plaintext using the RSA algorith. Results of the description process using the symmetric algorithm shown in Table 7, is the last stage of the application of a hybrid algorithm that combines the RSA and symmetric algorithms, so that the original or original plaintext message is obtained.

Analysis of experiment results
Testing the results of the encryption using an example of the message "SIMPLE", by performing a simulation using Matlab, shows that the message security technique using cryptography uses a hybrid algorithm. Based on the experiment, it shows that the time needed to encrypt and decrypt messages is longer for a hybrid algorithm, compared to implementing one algorithm. In the implementation of cryptography, an important issue of concern is the file size or the number of strings and the time it takes to complete the encryption and decryption process which affects system performance and directly shows the complexity of each algorithm that has different work steps [35]. The hybrid algorithm has a stronger level of security because to translate messages or information one must perform a decryption process using two types of keys at once. Table 8 shows the comparison of the test results based on time (millisecond). Experiments in Table 8, using samples of different numbers of strings, show that the running time required for the decryption process is longer than the encryption process. The application of the hybrid TELKOMNIKA Telecommun Comput El Control  Improvement security in e-business systems using hybrid algorithm (L Sumaryanti) 1541 algorithm requires high running time, due to the weaknesses of the RSA algorithm which has a working concept of finding the multiplication factor of two large prime numbers [36]. Another factor is the application of two types of keys simultaneously for both the encryption and decryption processes, resulting in the greater complexity of the hybrid algorithm. The problem of running time can be overcome, by combining the symmetric key with other suitable algorithms, including the encryption technique using the advanced encryption standard (AES) method which can be considered in terms of saving the time needed for the decryption process [37].

CONCLUSION
The convenience of transacting and exchanging information in an e-business system can be supported by information security guarantees that apply cryptographic techniques. The application of the proposed hybrid method can improve the security of messages or information through the encryption process by combining two types of keys, namely symmetric and asymmetric keys, but in implementation, the time for the decryption process is longer than encryption. The main cause of the high running time during the decryption process is due to factors in the multiplication of two large prime numbers, the work step of the RSA algorithm.