Design and Security Evaluation of an AES-256–Based Encrypted Receipt System for Electronic Service Businesses

Authors

  • M Syaifuddin Universitas Budi Darma
  • Moch. Iswan Perangin-angin Universitas Budi Darma

DOI:

https://doi.org/10.55537/jistr.v5i2.1397

Keywords:

AES-256 , Data Encryption , Customer Data Security

Abstract

The proliferation of digital technology has substantially heightened threats to customer data security within electronic service businesses at PT. Veneta. At present, PT. Veneta relies upon a manual transaction-recording system that remains vulnerable to theft, loss, and data deterioration. The absence of a computerized data-security infrastructure engenders significant vulnerabilities for potential misuse of customer data by unauthorized entities. In an effort to resolve these substantial challenges, a robust, efficient, and well-architected data-security system is requisite. The AES-256 algorithm represents one of the most formidable cryptographic algorithms for data protection, characterized by lightweight computational complexity. This algorithm demonstrates exceptional resistance to brute-force attacks and frequency-analysis methodologies. This research endeavors to design and implement a web-based customer data-security system utilizing the AES-256 algorithm at PT. Veneta. The research methodology employs Research and Development (R&D) utilizing a Waterfall approach encompassing six phases: requirements analysis, system design, development, testing, deployment, and implementation. The research findings demonstrate that the AES-256 algorithm successfully encrypts customer data into a 64-character hexadecimal ciphertext with exceptionally robust security characteristics. Unauthorized attempts to compromise the ciphertext via brute-force methodologies would necessitate 3.31 × 1056 years and 2256 key combinations. The data-security system implemented at PT. Veneta not only furnishes robust customer data protection but also substantially enhances customer confidence in data disclosure.

Downloads

Download data is not yet available.

References

[1] A. Tarute and J. Gillon, "The determinants of E-commerce adoption by SMEs in developing countries," Int. J. Inf. Manage., vol. 34, no. 3, pp. 365–378, Jun. 2014, doi: 10.1016/j.ijinfomgt.2014.02.001. https://doi.org/10.1016/j.ijinfomgt.2014.02.001

[2] H. Chen, R. H. Chiang, and V. C. Storey, "Business intelligence and analytics: From big data to big impact," MIS Q., vol. 36, no. 4, pp. 1165–1188, Dec. 2012, doi: 10.2307/41703503. https://doi.org/10.2307/41703503

[3] S. Romanosky, "Examining the costs and causes of cyber incidents," J. Cybersecurity, vol. 2, no. 2, pp. 121–135, Dec. 2016, doi: 10.1093/cybsec/tyw001. https://doi.org/10.1093/cybsec/tyw001

[4] K. M. Gatzlaff and K. A. McCullough, "The effect of data breaches on shareholder wealth," Risk Manage. Insur. Rev., vol. 13, no. 1, pp. 61–83, Mar. 2010, doi: 10.1111/j.1540-6296.2010.01178.x. https://doi.org/10.1111/j.1540-6296.2010.01178.x

[5] S. Mithas, A. Tafti, and W. Mitchell, "How a firm’s competitive environment guides its IT infrastructure strategy," MIS Q., vol. 37, no. 2, pp. 511–544, Jun. 2013, doi: 10.25300/MISQ/2013/37.2.09. https://doi.org/10.25300/MISQ/2013/37.2.09

[6] National Institute of Standards and Technology (NIST), "Security and Privacy Controls for Information Systems and Organizations," NIST Special Publication 800-53 Revision 5, Sep. 2020, doi: 10.6028/NIST.SP.800-53r5. https://doi.org/10.6028/NIST.SP.800-53r5

[7] Y. Cherdantseva and J. Hilton, "A Reference Model of Information Assurance & Security," in Proc. Int. Conf. Availability, Reliability Security (ARES), 2013, pp. 546–555, doi: 10.1109/ARES.2013.72. https://doi.org/10.1109/ARES.2013.72

[8] H. Cavusoglu, B. Mishra, and S. Raghunathan, "The value of information systems security investment: An analytical model," Inf. Syst. Res., vol. 15, no. 3, pp. 281–304, Sep. 2004, doi: 10.1287/isre.1040.0027. https://doi.org/10.1287/isre.1040.0027

[9] D. J. Solove, "A taxonomy of privacy," Univ. Pa. Law Rev., vol. 154, no. 3, pp. 477–560, Jan. 2006, doi: 10.2307/40041279. https://doi.org/10.2307/40041279

[10] G. Singh, "A Study of Encryption Algorithms (RSA, DES, 3DES and AES) for Information Security," Int. J. Comput. Appl., vol. 67, no. 19, pp. 33–38, Apr. 2013, doi: 10.5120/11507-7224. https://doi.org/10.5120/11507-7224

[11] A. Satoh, S. Morioka, K. Takano, and S. Munetoh, "A compact Rijndael hardware architecture with S-box optimization," in ASIACRYPT 2001: Advances in Cryptology, LNCS vol. 2248, 2001, pp. 239–254, doi: 10.1007/3-540-45682-1_15. https://doi.org/10.1007/3-540-45682-1_15

[12] National Institute of Standards and Technology (NIST), "Advanced Encryption Standard (AES)," Federal Information Processing Standards Publication (FIPS) 197, Nov. 2001, doi: 10.6028/NIST.FIPS.197. https://doi.org/10.6028/NIST.FIPS.197

[13] P. Chodowiec and K. Gaj, "Very compact FPGA implementation of the Advanced Encryption Standard (AES)," in Cryptographic Hardware and Embedded Systems (CHES), LNCS vol. 2779, 2003, pp. 319–333, doi: 10.1007/978-3-540-45238-6_26. https://doi.org/10.1007/978-3-540-45238-6_26

[14] J. Daemen and V. Rijmen, The Design of Rijndael: AES - The Advanced Encryption Standard. Berlin, Germany: Springer-Verlag, 2002, doi: 10.1007/978-3-662-04722-4. https://doi.org/10.1007/978-3-662-04722-4

[15] R. Anderson, "Why information security is hard - an economic perspective," in Proc. 17th Annu. Comput. Security Applications Conf. (ACSAC), 2001, pp. 358–365, doi: 10.1109/ACSAC.2001.991552. https://doi.org/10.1109/ACSAC.2001.991552

[16] M. Ahmed, A. N. Mahmood, and J. Hu, "A survey of network anomaly detection techniques," J. Netw. Comput. Appl., vol. 60, pp. 19–31, Jan. 2016, doi: 10.1016/j.jnca.2015.11.016. https://doi.org/10.1016/j.jnca.2015.11.016

[17] X. Han, C. Zou, and J. Zhang, "Literature survey of deep learning-based vulnerability analysis on source code," IET Softw., vol. 14, no. 6, pp. 654–664, Dec. 2020, doi: 10.1049/iet-sen.2020.0084. https://doi.org/10.1049/iet-sen.2020.0084

[18] M. Stoica, M. Mircea, and B. Ghilic-Micu, "Software Development Agile Methodologies. Improvements in Efficiency," Informatica Economica, vol. 17, no. 2, pp. 56–70, Jun. 2013, doi: 10.12948/issn14531305/17.2.2013.05. https://doi.org/10.12948/issn14531305/17.2.2013.05

Downloads

Published

2026-05-25

How to Cite

Syaifuddin, M., & Perangin-angin, M. I. (2026). Design and Security Evaluation of an AES-256–Based Encrypted Receipt System for Electronic Service Businesses . Journal of Information Systems and Technology Research, 5(2), 167–176. https://doi.org/10.55537/jistr.v5i2.1397

Issue

Vol. 5 No. 2 (2026): May 2026

Section

Articles

License

Copyright (c) 2026 M Syaifuddin, Moch. Iswan Perangin-angin

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.