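Abstract
To address the unrecoverability of encrypted data when a user's key is lost, and the problems with how traditional databases protect data, a high-security key recovery mechanism is designed. The mechanism uses an asymmetric encryption algorithm, random-key encryption of the user's backup information, and one-time-key encryption of the database to resolve the security problems of traditional key recovery mechanisms in key generation, storage, backup and recovery. Security analysis shows that the scheme effectively maintains key security and ensures that no institution or individual other than the user can obtain the key, while still allowing the key to be recovered securely when the user loses it; it has practical value and is worth promoting.
This paper introduces a high-security mechanism for key management to solve the problems arising from key exposure and the exploitation of traditional database storage. In this mechanism, a random encryption key, an asymmetric encryption algorithm and a one-time key for database encryption are used to ensure the key's safety in generation, storage, backup and recovery. The safety analysis demonstrates that this mechanism can keep the key secure, protect the key from being obtained illegally, recover the key securely when necessary, and is worthy of being popularized.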
Source
Computer Measurement & Control (《计算机测量与控制》)
CSCD
2008, Issue 11, pp. 1689-1691, 1694 (4 pages)
Funding
National Defense Basic Research (C2720061361)
Startup Seed Fund project (200751)