In order to solve that the electronic documents in Internet environment cannot safely and completely self-destruct when expiring, this paper presents a file lifecycle control method.Through two hash calculations and multiple encryptions,and by introducing the layers idea in Web programming,we added the deadline,times and destruction strategies to the header of files as attributes.We divided the encrypted files into the storage layer and the control layer.The files will be destroyed according to destruction policy after their lifecycles are expired.Experi-mental results showed that this method did not need the intervention exposed by any user or the trusted third party on the basis of implementing the capability of resisting traditional cryptographic or brute-force attacks.The safety of the files with hybrid encryption is enhanced,and the de-structed cipher text or keys can no longer be restored.%针对目前互联网环境中电子文件数据到期后无法安全彻底自毁现象,提出一种文件生命周期控制方法。通过两次散列和多重加密,引入 Web 分层思想,将时间、次数和销毁策略作为属性添加到文件头部,将加密后的文件分为存储层和控制层,文件生命周期结束后按照销毁策略销毁文件。实验结果表明,该方法在实现可抵抗传统密码攻击和蛮力攻击的基础上,不需要任何用户或者可信第三方进行干预,混合加密后的文件安全性得到增强,销毁后的明文和密钥皆无法恢复。
展开▼
