计算机应用 ›› 2010, Vol. 30 ›› Issue (07): 1763-1766.

• 信息安全 • 上一篇    下一篇

面向重复数据消除的备份数据加密方法

王灿1,秦志光2,冯朝胜3,彭静4   

  1. 1. 电子科技大学
    2. 电子科技大学计算机科学与工程学院
    3. 四川师范大学计算机科学学院
    4. 成都信息工程学院
  • 收稿日期:2010-01-07 修回日期:2010-04-16 发布日期:2010-07-01 出版日期:2010-07-01
  • 通讯作者: 王灿
  • 基金资助:
    教育部培育基金;国家自然科学基金资助项目

Deduplication-oriented backup-data encryption method

  • Received:2010-01-07 Revised:2010-04-16 Online:2010-07-01 Published:2010-07-01

摘要: 为解决保证数据机密性与提高重复数据消除率之间的矛盾,提出了一种面向重复数据消除的备份数据加密方法,该方法利用分块内容的哈希值生成分块对称密钥,保证了明文分块与密文分块之间的一一对应。只要用户私钥和身份识别口令不同时泄露,该方法能够有效保证备份数据存储及传输过程中的机密性。实验结果表明,该方法较好地解决了传统加密方法与重复数据消除技术不兼容的问题,大幅度提高了加密备份数据的存储空间利用率,适用于对数据机密性有要求的海量数据备份应用。

关键词: 重复数据消除, 加密方法, 海量数据, 备份, 机密性

Abstract: In order to combine the data confidentiality and deduplication efficiency, a deduplicationoriented backupdata encryption method was proposed. According to the method, the symmetric keys, which were used to encrypt the chunks, were generated from the hash values of chunk contents in a consistent way. Thus, the one to one correspondence between the chunk plaintext and the chunk ciphertext could be guaranteed. The confidentiality of backupdata in storage and transmission can be protected efficiently on condition that the user's private key and identification password are not leaked simultaneously. The experimental results indicate that the method, unlike the traditional encryption method, can be compatible with the deduplication technology well, and the storage space utilization of encrypted backupdata can be improved notablely. This method is applicable to the backup of massive data, which has the requirement of confidentiality.

Key words: deduplication, encryption method, massive data, backup, confidentiality