Implementation of RSA 2048-bit and AES 256-bit with Digital Signature for Secure Electronic Health Record Application


  • Mohamad Ali Sadikin National Crypto Institute
  • Rini Wisnu Wardhani National Crypto Institute



Electronic Medical Record, Digital Signature, Cryptography, Java Programming


This research addresses the implementation of encryption and digital signature technique for electronic health record to prevent cybercrime such as robbery, modification and unauthorised access. In this research, RSA 2048-bit algorithm, AES 256-bit and SHA 256 will be implemented in Java programming language. Secure Electronic Health Record Information (SEHR) application design is intended to combine given services, such as confidentiality, integrity, authentication, and nonrepudiation. Cryptography is used to ensure the file records and electronic documents for detailed information on the medical past, present and future forecasts that have been given only to the intended patients. The document will be encrypted using an encryption algorithm based on NIST Standard. In the application, there are two schemes, namely the protection and verification scheme. This research uses black-box testing and whitebox testing to test the software input, output, and code without testing the process and design that occurs in the system.We demonstrated the implementation of cryptography in SEHR. The implementation of encryption and digital signature in this research can prevent archive thievery.

Plum Analytics

Author Biography

Mohamad Ali Sadikin, National Crypto Institute

Faculty of Engineering


M. H. Setiawan, “Perancangan secure electronic health record information system (studi kasus: Rumah sakit pusat angkatan darat gatot soebroto),” Bachelor Thesis, Sekolah Tinggi Sandi Negara, 2011.

L. Wilcox, “Using the electronic medical record to keep hospital patients informed,” Sciences, vol. 10, no. 4, 2010.

J. L. Schnipper, J. A. Linder, M. B. Palchuk, J. S. Einbinder, Q. Li, A. Postilnik, and B. Middleton, “smart forms” in an electronic medical record: documentation-based clinical decision support to improve disease management,” Journal of the American Medical Informatics Association, vol. 15, no. 4, pp. 513–523, 2008.

J. Spruell, D. Vicknair, and D. S., “Xxx,” XXX, 2016.

D. Garets and M. Davis, “Electronic medical records vs. electronic health records: yes, there is a difference,” Policy white paper. Chicago, HIMSS Analytics, pp. 1–14, 2006.

B. Kozier, Praktik keperawatan profesional: Konsep dan perspektif. Jakarta, Indonesia: EGC, 2007.

R. Zhang and L. Liu, “Security models and requirements for healthcare application clouds,” in 2010 IEEE 3rd International Conference on Cloud Computing. IEEE, 2010, pp. 268–275.

TS 18308 Health Informatics-Requirements for an Electronic Health Record Architecture, ANSI ISO Std., 2004.

Recommendation for Transition the Use of Cryptography Algorithms and Key Lenghts., NIST Std. NIST Special Publication 800-131A, 2011.

Guideline for Implementing Cryptography In the

Federal Government., NIST Std. NIST Special Publication 800-21A, 2005.

NCH. (2006) Electronic health records overview. Healthcare Information and Management Systems Society. Download on October 15, 2011. [Online]. Available:

D. T. Mon, “Defining the differences between the cpr, emr, and ehr.” Journal of AHIMA/American Health Information Management Association, vol. 75, no. 9, pp. 74–5, 2004.

WHO, Electronic health records: manual for developing countries. World Health Organization: Manila: WHO Regional Office for the Western Pacific, 2006.

“Peraturan menteri kesehatan republik indonesia nomor 269/menkes/per/iii/2008 tentang rekam medis.”

A. J. Menezes, P. C. Van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography (1992 CRC Press). ISBN, 1997.

S. P. Singh and R. Maini, “Comparison of data encryption algorithms,” International Journal of Computer Science and Communication, vol. 2, no. 1, pp. 125–127, 2011.

Sumarkidjo and et al, “Jelajah kriptologi,” 2007, national Crypto Agency.

W. Stalling, Cryptography and Network Security, 4th ed. Prentice Hall, 2005.

R. Munir, “Otentikasi dan tanda tangan digital,”Departemen Teknik Informatika, Institut Teknologi Bandung., Tech. Rep., 2004.

W. E. Perry, A Standard for Testing Application Software, 1990. Auerbach Publishers, 1989.

G. J. Myers, C. Sandler, and T. Badgett, The art of software testing. John Wiley & Sons, 2011.

W. C. Hetzel and B. Hetzel, The complete guide to software testing. John Wiley & Sons, Inc., 1991.

IEEE Standard Glossary of Software Engineering Terminology, IEEE Std., Dec 1990.

S. McConnell, Code complete. Pearson Education, 2004.

R. S. Pressman, Software engineering: a practitioner’s approach, 7th ed. Palgrave Macmillan, 2010.



Abstract 1176  .
PDF downloaded 838  .