Web Secure Login Design With Symetric Encription RC-6 Algorithm

Abstract

Authentication techniques that use at many web pages and easy to do is use user-id and password. However, these techniques are vulnerable to theft user-id and password when sent from client to server. For that given an alternative security by encrypting the user-id and password at client side before being sent to the server. The algorithm used is symmetric algorithm RC-6, designed with javascript on the client side and PHP on the server side. Based on RC-6 Symmetric encryption algorithm, the research done by creating a generating keys script for encryption and decryption, encryption RC-6 with javascript, decryption RC-6 with PHP and the design of a prototype web page with a login that already uses encryption. Using the program fidller and wireshark shows that a web page with login form that does not use encryption to send user-id and password in plaintext form so easily obtained by the sniffer. While in the web pages that use encryption, user-id and password is sent in the form of ciphertext. The addition of a web page access time is shown by firebug, where on the web pages that use encryption are adding an average access time of 64.67 ms.