,QWHUQDWLRQDO6HPLQDURQ,QWHOOLJHQW7HFKQRORJ\DQG,WV$SSOLFDWLRQ
Implementation of RSA 2048-bit and AES 256-bit
with Digital Signature for Secure Electronic Health
Record Application
Mohamad Ali Sadikin
Faculty of Engineering
National Crypto Institute
Bogor, Indonesia
mohamadalisadikin@gmail.com
Abstract—7KLV UHVHDUFK DGGUHVVHV WKH LPSOHPHQWDWLRQ
RI HQFU\SWLRQ DQG GLJLWDO VLJQDWXUH WHFKQLTXH IRU HOHFWURQLF
KHDOWK UHFRUG WR SUHYHQW F\EHUFULPH SUREOHP VXFK DV
UREEHU\ PRGLILFDWLRQ DQG XQDXWKRUL]HG DFFHVV ,Q WKLV
UHVHDUFK 56$ ELW DOJRULWKP $(6 ELW DQG
6+$  ZLOO EH LPSOHPHQWHG LQ -DYD SURJUDPPLQJ
Rini Wisnu Wardhani, MT.
National Crypto Institute
Bogor, Indonesia
rini.wisnu@stsn-nci.ac.id
Perceived benefits are increasing availability of electronic
patient records in hospitals, improving the efficiency in the
health care retrieval process [1], facilitating retrieval of
patient information [2], easy access to patient information
that ultimately help in clinical decision-making, reducing
operational impact cost and earnings improvement in health
6HFXUH (OHFWURQLF +HDOWK 5HFRUG ,QIRUPDWLRQ 6(+5
DSSOLFDWLRQ GHVLJQ LV LQWHQGHG WR FRPELQH JLYHQ VHUYLFHV
VXFK DV FRQILGHQWLDOLW\ LQWHJULW\ DXWKHQWLFDWLRQ DQG
QRQUHSXGLDWLRQ &U\SWRJUDSK\ LV XVHG WR HQVXUH WKH ILOH
UHFRUGV DQG HOHFWURQLF GRFXPHQWV IRU GHWDLOHG LQIRUPDWLRQ
RQ WKH PHGLFDO SDVW SUHVHQW DQG IXWXUH IRUHFDVWV WKDW KDYH
EHHQ JLYHQ RQO\ IRU WKH SDWLHQWV 7KH GRFXPHQW ZLOO EH
HQFU\SWHG XVLQJ DQ HQFU\SWLRQ DOJRULWKP EDVHG RQ
1,67 6WDQGDUG ,Q WKH DSSOLFDWLRQ WKHUH DUH WZR VFKHPHV
QDPHO\ WKH SURWHFWLRQ DQG YHULILFDWLRQ VFKHPH 7KLV UHVHDUFK
XVHV EODFNER[ WHVWLQJDQGZKLWHER[WHVWLQJWRWHVWWKHVRIWZDUH
LQSXW RXWSXW DQG FRGH ZLWKRXW WHVWLQJ WKH SURFHVV DQG
GHVLJQ WKDW RFFXUV LQ WKH V\VWHP:H GHPRQVWUDWHG WKH
LPSOHPHQWDWLRQ RI FU\SWRJUDSK\ LQ 6HFXUH (OHFWURQLF
care facilities, especially for hospitals [4].
An EHR should only be accessed and shared by
authorized health care providers such as doctors, nurses, lab
technicians due to its function to record any critical
information considering for every patient. That critical
information such as the enforcement of diagnosis, therapy,
avoids allergic reactions and drug duplication. [6]. This is
consistent with ethical considerations in the application of
information technology, where all health care providers have
a moral code that need to balance patient privacy with care
needs, including access to records of patients [7].
Recent paper research proposed that PKI (Public Key
+HDOWK 5HFRUG ,QIRUPDWLRQ 6(+5 7KH LPSOHPHQWDWLRQ
RI HQFU\SWLRQ DQG GLJLWDO VLJQDWXUH LQ WKLV UHVHDUFK
FDQ SUHYHQW DUFKLYH WKLHYHU\ ZKLFK LV VKRZQ RQ
LPSOHPHQWDWLRQDQGLVSURYHQRQWKHWHVW
.H\ZRUGV² (OHFWURQLF 0HGLFDO 5HFRUG 'LJLWDO 6LJQDWXUH
&U\SWRJUDSK\RQ-DYD3URJUDPPLQJ
I. INTRODUCTION
Medical records based on paper still have some flaws and
problems. Those problems occur ranging from physical
security, requiring storage area resource, difficult to transfer
or communication the information, easily damaged and
destroyed. If the storage process is not stated properly, then it
will be complicate the search process (information retrieval).
In addition to the many possible disasters, Health Record
Information is a personal data for someone and human life.
For that, we need a solution to resolve the issue.
The process of manually organizing and managing on
paper media has a few shortcomings in the aspect of
information security that is confidentiality, data integrity,
availability, non-repudiation, and authentication [13]. The
electronic health records (EHR) has great benefits to health
services such as primary and referral service facilities
(hospitals).
‹,(((
Infrastructure), symmetric key and login password for
authentication are used for the security of the EHR [20].
Based on ISO/TS 18308 [19] standard, the primary purpose
of the EHR is to provide a documented record of care which
supports both present and future care received by the patient
from the same or other clinicians or care providers. This
documentation provides a mean of communication among
clinicians contributing to the patient’s care.
In this paper, EHR was designed and built using digital
signature and file encryption. Digital signature and file
encryption are used not only to solve confidentiality, data
integrity, availability, non-repudiation, and authentication
problem but also to prevent robbery, modification and
unauthorized access. Secure Electronic Health Record
Information (SEHR) is a secure electronic health record
which uses RSA 2048 bit [16], AES 256 bit [15] and SHA
256-bit algorithm that is implemented in Java programming.
The cryptography aspect is expected to ensure the file
records and electronic documents on patient’s identity,
examination, treatment, action and service given and the
authorized person.

 II. FUNDAMENTAL THEORY • Compute and .
A. Electronic Health Record • Choose a random integer e, , so that
Electronic Health Record (EHR) is a comprehensive .
patient's health information electronic record which is the
integration of multiple health information databases. • Use Extended Euclidean Algorithm to compute d
Information provided includes patient demographics, where , so that .
progress notes, problems, medications, vital signs, past • Public key : ; private key :
medical history, immunizations, laboratory data and
radiology reports [8]. 2) Signing
The electronic health record includes all information • Compute , an integer in range
contained in a traditional health record including a patient’s
health profile, behavioral and environmental information. • Compute
The EHR also includes the dimension of time, which allows • A’s Digital Signature for :
inclusion of information across multiple episodes and
providers, which will ultimately evolve into a lifetime record 3) Verification
[5]. The EHR defined here contains all personal health
information belonging to an individual; Is entered and • Getting A’s public key:
accessed electronically by healthcare providers over the • Compute
patient’s lifetime; and Extends beyond acute inpatient
situations, including all ambulatory care settings at which the Verification of s and sƍ: if the value of s = sƍ then the
patient receives care [9]. digital signature is authentic.
Based on the Regulation of the Minister of Health about C. Advanced Encryption Standard (AES)
the filling of medical records, it is stated that legal sanction
can be given for the hospital or health workers who heed and AES is a block cipher algorithm which is intended to
do mistakes in filling the pages of medical records [14]. replace DES algorithm as a standard recognized for some
applications [11]. AES is also a standard algorithm for data
B. Digital Signature encryption and decryption (Eric Conrad, Advanced
Cryptography focuses on the issue of maintaining the Encryption Standard). In this research AES is used because
confidentiality of an information by using methods and due to its advantages to secure documents and is proven to be
mathematical techniques that include confidentiality, the data safe based on NIST Standard [15]. The AES algorithm
integrity, entity authentication, and data origin authentication outline is as follows:
[10].
RSA Algorithm (Rivest, Shamir, Adleman) is an
asymmetric cryptographic invented by Rivest, A. Shamir,
and L. Adleman in 1997 [10]. In this research, RSA
algorithm is applied as a digital signature scheme. The RSA
algorithm is used due to its fast computation compared to
ECDSA and DSA [17].

Fig. 2. Encryption Process Diagram [12]

For the decryption process, inverse process is used at the

Fig. 1. Digital Signature Scheme [18]
In the process of signature generation and verification,
entity A marks message m ‫ א‬. Entity B can verify A's
signature and return message m from the signature.
1) Key generation in RSA Digital Signature
• Determine randomly two large prime numbers p and
q.
transformation stage. The process starts from InvSubBytes,
InvShiftRows, and ends in InvMixColumns. Because of this,
S-box for encryption and decryption are different. In the
decryption process, the used S-box is the inverse S-box.
D. Secure Hash Algorithm 256 bit (SHA)
SHA-256 is used to generate hash value from the
message , with length bit, where . This
algorithm uses:


 ,QWHUQDWLRQDO6HPLQDURQ,QWHOOLJHQW7HFKQRORJ\DQG,WV$SSOLFDWLRQ
1) Message Schedule from 64 words 32-bit. Words of
message schedule are labeled as . generated and stored in the protection stage is performed.
2) Eight 32 bit variabels, labeled as and
. digital signature value of the hashed document using public
3) The has value of eight 32-bit words are labeled as
. document is successfully decrypted and proven to be
Preprocessing consists of three steps, namely message
padding, split up the message into message blocks, and set
the initialization hash value . Then proceed with to the
SHA-256 computing process.
III. SECURE ELECTRONIC HEALTH RECORD
APPLICATION
A. General Description The Application
Secure Electronic Health Record application is an
application that applies the concept of digital signatures
using RSA algorithm and SHA-256 while for the encryption
process, AES-256 block cipher algorithm is used.
The application will be implemented in Java
programming language that guarantees the integrity,
confidentiality, authentication and non-repudiation. Java
language is used because it is more mobile, multi-platform,
object oriented, portable, and open source. It has two
schemes which are the protection scheme and verification
scheme. It is assumed that the protection and verification
processes are contained in one application The protection
step is on the tab SIGN & ENCRYPT while the verification
process is on the VERIFICATION tab.
1) Signing and Encryption scheme : On the protection
schemes, there are two processes running, the securing
process (encryption) and the authenticating process (signing).
The generation of the private key and public key is done
before the encryption and signing process executed. The
scheme of securing and authenticating documents is done in
a simple manner as shown in fig 3.
Fig. 3. Encryption and Signing Scheme
2) Verification Scheme : The verification process is done
by reversing the signing process. File is first decrypted using
a key that has been used previously in the encryption
process. After this process, the file is hashed and then digital
‹,(((
signature calculations using a public key that has been
The verification process is the process of calculating the
key. If appropriate, it will display a notification that the
authentic. If it does not match, the notification will show that
the document was not authentic or has been a change.
Fig. 4. Verification Scheme
B. Implementation of Secure Electronic Health Record
Application (SEHR)
The implementation of digital signature File Encryption
includes steps using SEHR application. Steps in the
implementation of SEHR application are as follows:
1) Login process: When the user runs the application,
Welcome message will appear to start log in process. User
needs to fill the USERNAME and PASSWORD fields. By
pressing the LOGIN button, the login process will be
executed. The application will verify the username and
password submited by the user. If the password corrects, the
application main view will be displayed. However, if the
username, password, or both incorrect, then notification
appears and user cannot access to the next application
process. Following is a snippet from the source code of
Class login ():
String UserName = jTextField1.getText();
String Password = jPasswordField1.getText();
if(UserName.equals("dikin")&&(Password.equals("123456
"))){ JOptionPane.showMessageDialog(null,"LOGIN
SUCCESS"+"\n WEL
COME TO Electronic Medical Record Application"+"\n
Application by: MOHAMAD ALI SADIKIN"+"\n
SEKOLAH TINGGI SANDI NEGARA"+"\n 1413101075", "file"
,JOptionPane.INFORMATION_MESSAGE);
dispose(); new latjab().setVisible(true);}
else{
JOptionPane.showMessageDialog(null,
"WHO ARE YOU ?? I DON’T KNOW YOU ( -_-')",
"ERROR !!",JOptionPane.ERROR_MESSAGE);}}

 3) Signing and Encryption: User needs to input
document in the field FILE to start the signing and
encrypting process. Furthermore, the user input the key in the
field INPUT KEY. To encrypt the document user needs to
press the ENCRYPT button. When the user pressing SIGN
button, signcrypt method will be running and the document
has been signed and encrypted. Following is a snippet from
the source code of Class signcrypt and the application view
when the application executes the signing and encryption
process.

Fig. 5. Login System Class signcrypt{Private void

jButton4ActionPerformed(java.awt.event.ActionEvent
2) Generate RSA Key : User generate key by pressing evt) { String kunciaes=jTextField2.getText();
File file = new File(NamaFile);
Generate RSA KEY button. In the applications secure try {pesanstring = FileUtils.readFileToString(file);
random is used to generate RSA private key and public key } catch(IOExceptionex)
parameters. Furthermore, by pressing the SAVE button, the {Logger.getLogger(latjab.class. getName ()).log
private key and public key will be stored on the file (Level.SEVERE, null,
ex);}try{pesanterenkrip=AES.encryptAES(pesanstring,ku
extension * .txt and a notification that the private key and nciaes);}catch(Exceptionex){Logger.getLogger(latjab.c
public key have been successfully generated and stored is lass.getName()).log(Level.SEVERE, null, ex);
displayed. Folowing is a snippet from the source code of }String aku= "e:/LSM1";File file1=new
File(aku,"encryptedaes.txt");
Class RSA and the view of application when RSA key
try { FileUtils.write(file1, pesanterenkrip);
generated. }catch(IOExceptionex){Logger.getLogger(latjab.class.g
etName()).log(Level.SEVERE, null, ex); } }
public class RSA { private void jButton5ActionPerformed
private BigInteger p; private BigInteger q; (java.awt.event.ActionEvent evt) {try
private BigInteger N; rivate BigInteger phi; private {b.encrypt(a.k);
BigInteger e; private BigInteger d; private int JOptionPane.showMessageDialog(null,"FILE SUCCESSFULLY
bitlength = 1024; private int blocksize = 256; SIGNED AND ENCRYPTED",
//blocksize in byte "DONE",JOptionPane.INFORMATION_MESSAGE);}
private SecureRandom r; BigInteger pesan; String catch (IOException ex) {
Privat; String Public; string g; BigInteger Logger.getLogger(latjab.class.getName()).log(Level.SE
s,v;String y; public RSA(){ r = new SecureRandom(); VERE, null, ex);
p = BigInteger.probablePrime(bitlength, r); }}
q = BigInteger.probablePrime(bitlength, r);
N = p.multiply(q);
byte [] byt=p.toByteArray(); phi=
p.subtract(BigInteger.ONE).multiply(q.subtract(BigInt
eger.ONE)); e = BigInteger.probablePrime(bitlength/2,
r); while(phi.gcd(e).compareTo(BigInteger.ONE) > 0 &&
e.compareTo(phi) < 0 ) { e.add(BigInteger.ONE); }
d = e.modInverse(phi); Public=e.toString();
Privat=d.toString() }
public RSA (BigInteger e, BigInteger d,
BigInteger N) {
this.e = e; this.d = d; this.N = N; }

Fig. 7. Signing and Encryption on SEHR Application

The output of this process stored in a location where the

document was taken with a different file name with the
original file. Signed and encrypted files are stored as a file
Fig. 6. Generate RSA Key extension *.txt. Furthermore, these files will be used in the
verification process.


 4) Verification : Implementation of verification scheme IV. RESULT
is made separately with the protection schemes even though Black-box testing, and White box testing conducted to
they are contained in a single application. To run the test software in terms of functional input, output and code.
verification process it takes three inputs which are a
document file that has been encrypted (file results from A. Black-box Testing
encryption process with extension * .txt), the signature file The black-box approach is a testing method in which test
(file output from signing process with extension * .txt), and data are derived from the specified functional requirements
the key to decrypt the encrypted file. In this process, the user without regard to the final program structure [21]. It is also
is asked to input encrypted file documents, digital signature, termed data-driven, input/output driven [22], or
decryption keys and then press the Verify button. After that, requirements-based [23] testing. In this paper the black-box
the application will verify the digital signature. The output of testing is presented in the following table:
this process is a notification wether the verified decrypted TABLE I. BLACK-BOX TESTING ON SIGNING AND ENCRYPTION
document is same as the original. Following is a snippet from
the source code of Class verification and the application view No Input Given Output Expected
when the verification process is executed. User input The system checks the username
username, and password. If the username
Private void jButton10ActionPerformed(java.awt.event.ActionEvent 1. password, and and password are approperiate
evt){ press LOGIN according to the database, it will
String kunciaes=jTextField5.getText(); button go to the application
try { pesandekrip=AES.decryptAES(pesanterenkrip, kunciaes); User press Application show key pair of RSA
} catch (Exception ex) { 2. generate RSA key
Logger.getLogger(latjab.class.getName()).log(Level.SEVERE, null, ex); KEY button
} System.out.println("pesan hasil dekripsi = "+ pesandekrip);} User press The system save key pair on the
private void 3. SAVE button database
jButton8ActionPerformed(java.awt.event.ActionEvent evt) {
try { b.dekrip();} catch (IOException ex) { User press The application show hash value
Logger.getLogger(latjab.class.getName()).log(Level.SEVERE, 4. HASH button of message and save it into
null, ex); } database
if (b.v.equals(a.k)) { JOptionPane.showMessageDialog(null, User input key The application show the key,
"DOCUMENT IS AUTHENTIC\n" 5. and press encrypt the message with AES-
+ "FILE SUCCESSFULLY DECRYPTED\n", "VERIFIED", ENCRYPT 256 bits and save the cipher text
JOptionPane.INFORMATION_MESSAGE); button into database
} else { JOptionPane.showMessageDialog(null, "DOCUMENT IS NOT The application will show
AUTHENTIC\n" + "FILE UNSUCCESSFULLY DECRYPTED\n",
6. User press notification that file is succesfully
"UNVERIFIED", JOptionPane.ERROR_MESSAGE); } } SIGN button encrypted and signed. Then
signature is saved into database

TABLE II. BLACK-BOX TESTING ON VERIFICATION

No. Input Given Output Expected

1. User press The application show the
BROWSE encrypted and signed file.
button
2. User input key Application show the key, decrypt
and press the file and saved it into database.
decrypt button
3. User press The system show notification that
VERIFICATI file is succesfully decrypted and
ON button is authentic.
The result of black-box testing shows that all output is
exactly to what are expected.
B. White-box Testing
Fig. 8. Verification on SEHR Application White-box testing is testing that takes the internal
mechanism of a system or component into account [24].
On verification process source code pieces and figure, it In the development of this software, white box testing is
can be seen that in order to verify the documents it takes done by using Kilo Lines of Code calculation mechanism.
three documents which are the decrypted document, For that, first, calculating the lines of code for each file that
signature, and public key. If one among those there is not containing program code. Amount of code in each file are
appropriate, then the document will not be verified. It can be presented in following table:
stated that the verification failed.


 TABLE III. TESTING OF CORRECTNESS ASPECT
REFERENCES
File’s Name Amount of lines Code
Folder/src [1] Wilcox L. Using the Electronic Medical Record to Keep Hospital
AES.java 68 Patients Informed. Sciences-New York [Internet]. 2010;11–4.
[2] Chnipper JELS, Inder JEAL, Alchuk MABP, Inbinder JOSE, Ostilnik
RSA.java 127 ANP, Iddleton BLM, et al. “ Smart Forms ” in an Electronic Medical
SHA.java 40 Recordௗ: Documentation-based Clinical Decision Support to Improve
Login.java 150 Disease Management. Journal of the American Medical Informatics
Association. 2008;15(4):17–20.
Main.java 600 [3] Dinevski D, Bele U, Šarenac T. Clinical decision support systems.
Folder/nbproject Studies in health technology and informatics. 2013 Jan;183:105.
Build-impl.xml 1430 [4] Spruell, James; Vicknair, David; Dochterman S. Report Information
from ProQuest. Proquest. 2013;(February).
Project.xml 10 [5] Mon, DT. Defining the Differences between the CPR, EMR, and EHR.
Private.xml 5 Journal of AHIMA. October 2004; 75/9, 74.
Total of Lines Code 2430 Line of code [6] Garets&Davis. (2006). Electronic Medical Records vs. Electronic
Health Records: Yes, There Is a Difference. Diperoleh melalui
Total of KLOC 2.430 KLOC http://www.himssanalytics.org. Diakses tanggal 30 Oktober 2011.
[7] Kozier, B. (2007). Praktik Keperawatan Profesional: Konsep dan
Based on the lines of code calculation in the source code Perspektif . Jakarta: EGC
of Secure Electronic Health Record application using the [8] National Center for Health. (2006). Electronic Health Records
Overview. Diperoleh melalui www.himss.org/. Diakses tanggal 15
Java programming language, the value in 2430 of LOC or Oktober 2011
2.430 of KLOC is obtained. Then the values inserted into the [9] World Health Organization. 2006. Electronic Health Records: Manual
KLOC calculation model as shown in the following table: for Developing Countries : WHO Library Cataloguing in Publication
Data
TABLE IV. METHOD OF CORRECTNESS CALCULATION [26] [10] Menezes, Alfred J dkk.1997. Handbook of Applied Cryptography.
Florida: CRC
Method Formula [11] Stalling, William. Cryptography and Network Security 4th Edition,
Prentice Hall. 2005.
Walston-Felix Model [12] Munir, Rinaldi. 2004. Otentikasi dan Tanda Tangan Digital.
Bailey-Basili Model Departemen Teknik Informatika Institut Teknologi Bandung.
[13] Setiawan, Mahful Hudha. 2011. Perancangan Secure Electronic Health
Boehm simple Model Record Information System (Studi Kasus : Rumah Sakit Pusat
Doty model for KLOC> 9 Angkatan Darat Gatot Soebroto). Sekolah Tinggi Sandi Negara
(for code more than 9000 [14] Peraturan Menteri Kesehatan Republik Indonesia Nomor
269/MENKES/PER/III/2008 tentang Rekam Medis
lines) [15] NIST Special Publication 800-21A. 2005. Guideline for Implementing
Doty Model is not used because total of code are less than Cryptography In the Federal Government.
9000 lines. Folowing table are the results of correctness [16] NIST Special Publication 800-131A. 2011. Recommendation for
Transition the Use of Cryptography Algorithms and Key Lenghts.
calculations testing using the Waltson-Felix, Bailey-Basili [17] Singh, Preet Simar. Maini, Raman. 2011. Comparison Of Data
and Boehm methods: Encryption Algorithms.-International Journal of Computer Science and
Communication. Univecity, India: Patiala.
TABLE V. RESULT OF CORRECTNESS CALCULATION TESTING [18] Sumarkidjo, dkk. 2007. Jelajah Kriptologi : National Crypto Agency
[19] ANSI, ISO/TS 18308 Health Informatics-Requirements for an
Method Result Electronic Health Record Architecture, ISO 2004.
Walston-Felix Model [20] Zhang, Rui, Ling Liu. Security Models and Requirements for
= 11.67 Healthcare Application Clouds: Georgia Institute of Technology
Bailey-Basili Model [21] William E. Perry. 1990. A standard for testing application software
[22] Myers, Glenford J., The art of software testing, Publication info: New
Boehm simple Model York : Wiley, c1979. ISBN: 0471043281 Physical description: xi, 177
= 8.29 p. : ill. ; 24 cm.
The obtained error density value was 11.67, 7.54 and 8.29 [23] Hetzel, William C., The Complete Guide to Software Testing, 2nd ed.
with size of project less than 16,000 lines of code, then the Publication info: Wellesley, Mass. : QED Information Sciences, 1988.
value of the error density is in the range 0-40 per KLOC ISBN: 0894352423.Physical description: ix, 280 p. : ill ; 24 cm.
[24] IEEE. (1990). IEEE Standard Glossary of Software Engineering
error as stated by Steve McConnell [25]. Therefore, it can be Technology. New York: IEEE.
concluded that the application of Secure Electronic Health [25] McConnell, S. (2004). Code Complete, A Practical Handbook of
Record Using Java Programming Languages has meet the Software Construction : 2nd Edition. Microsoft Press.
standards of software quality for correctness aspect. [26] Pressman, R. S. (2010). Software Engineering: A Practitioner’s
Approach, (7th Ed). New York: McGraw-Hill Companies.
V. CONCLUSION
Encryption could be implemented on Secure Electronic
Health Record as shown on Java implementation and proved
on the testing. The result of black-box testing shows that all
output is exactly to what are expected. White box Testing
shows that the obtained error density value was 11.67, 7.54
and 8.29 with size of project less than 16,000 lines of code.