PENERAPAN TEKNOLOGI BLOCKCHAIN ​​UNTUK VERIFIKASI IDENTITAS PENGGUNA PADA SISTEM AUTENTIKASI WEB BERBASIS BACKEND

Tabuni, Siprianus (2026) PENERAPAN TEKNOLOGI BLOCKCHAIN ​​UNTUK VERIFIKASI IDENTITAS PENGGUNA PADA SISTEM AUTENTIKASI WEB BERBASIS BACKEND. PENERAPAN TEKNOLOGI BLOCKCHAIN ​​UNTUK VERIFIKASI IDENTITAS PENGGUNA PADA SISTEM AUTENTIKASI WEB BERBASIS BACKEND. pp. 1-13. (Unpublished)

[thumbnail of PENERAPAN TEKNOLOGI BLOCKCHAIN UNTUK VERIFIKASI IDENTITAS PENGGUNA PADA SISTEM AUTENTIKASI WEB BERBASIS BACKEND] Text (PENERAPAN TEKNOLOGI BLOCKCHAIN UNTUK VERIFIKASI IDENTITAS PENGGUNA PADA SISTEM AUTENTIKASI WEB BERBASIS BACKEND)
Siprianus Tabuni_201931253_Jurnal_PENERAPAN TEKNOLOGI BLOCKCHAIN UNTUK VERIFIKASI IDENTITAS PENGGUNA PADA SISTEM AUTENTIKASI WEB BERBASIS BACKEND.pdf - Updated Version
Available under License Creative Commons Attribution.
Download (487kB)
[thumbnail of Lembar Pengesahan Penguji_Siprianus Tabuni_21931253.pdf] Text
Lembar Pengesahan Penguji_Siprianus Tabuni_21931253.pdf
Download (103kB)
[thumbnail of LEMBAR PENGESAHAN SKRIPSI.pdf] Text
LEMBAR PENGESAHAN SKRIPSI.pdf
Download (109kB)

Abstract

ABSTRACT
Conventional authentication systems based on username and password still dominate, despite being vulnerable to various cyber attacks. This study aims to implement and evaluate blockchain technology as an identity verification mechanism and comprehensively compare it with a traditional authentication system strengthened with modern cryptography. The research uses Research and Development (R&D) approach with prototyping method. Two systems were developed: (1) traditional login system with MySQL database integrating ECDSA algorithm for key generation, AES-256-GCM for private key encryption, and bcrypt for password hashing; (2) passwordless blockchain login system utilizing Solidity smart contracts, Ganache local network, and MetaMask wallet. Security testing was conducted through penetration testing scenarios including SQL Injection, Replay Attack, Signature Forgery, and JWT Tampering. The results show that the traditional login system successfully blocked 100% of SQL Injection attacks (45 out of 45 attempts failed) with response time under 50 ms. The blockchain login system demonstrated fundamental security resilience with a single-use nonce mechanism successfully preventing replay attacks and ECDSA digital signature verification mathematically ensuring user identity authenticity. This research concludes that both systems have excellent security resistance according to their respective defense mechanisms.

Keywords: Blockchain, ECDSA, Authentication Security, Replay Attack, SQL Injection, JWT.

ABSTRAK
Sistem autentikasi konvensional berbasis username dan password masih mendominasi, meskipun rentan terhadap berbagai serangan siber. Penelitian ini bertujuan untuk menerapkan dan mengevaluasi teknologi blockchain sebagai mekanisme verifikasi identitas, serta membandingkannya secara komprehensif dengan sistem autentikasi tradisional yang diperkuat dengan kriptografi modern. Penelitian menggunakan pendekatan Research and Development (R&D) dengan metode prototyping. Dua sistem dikembangkan: (1) sistem login tradisional dengan database MySQL yang mengintegrasikan algoritma ECDSA, AES-256-GCM, dan bcrypt; (2) sistem login blockchain tanpa password memanfaatkan smart contract Solidity, jaringan lokal Ganache, dan wallet MetaMask. Pengujian keamanan dilakukan melalui skenario penetration testing meliputi SQL Injection, Replay Attack, Signature Forgery, dan JWT Tampering. Hasil penelitian menunjukkan sistem login tradisional berhasil menangkal 100% serangan SQL Injection (45 percobaan gagal) dengan waktu respons di bawah 50 ms. Sistem login blockchain menunjukkan ketahanan keamanan fundamental dengan mekanisme nonce sekali pakai berhasil mencegah serangan replay dan verifikasi ECDSA memastikan keaslian identitas pengguna secara matematis. Penelitian ini menyimpulkan bahwa kedua sistem memiliki ketahanan keamanan yang sangat baik sesuai mekanisme pertahanan masing-masing.

Kata kunci: Blockchain, ECDSA, Authentication Security, Replay Attack, SQL Injection, JWT.

Item Type: Article
Additional Information: Kata kunci: Blockchain, ECDSA, Authentication Security, Replay Attack, SQL Injection, JWT.
Uncontrolled Keywords: Keywords: Blockchain, ECDSA, Authentication Security, Replay Attack, SQL Injection, JWT.
Subjects: Jurnal
Skripsi
Thesis
Divisions: Fakultas Telematika Energi > S1 Teknik Informatika
Depositing User: Mr Siprianus Tabuni
Date Deposited: 09 Mar 2026 04:33
Last Modified: 09 Mar 2026 04:34
URI: https://repository.itpln.ac.id/id/eprint/5724

Actions (login required)

View Item
View Item