Aiming at the issue of high risk of Database(DB) plaintext leakage,a DB encryption scheme based or Elliptic Curve Diffie-Hellman(ECDH) and Rijndael is proposed in this paper,which supports three kinds of key length,including 128 bit,192 bit and 256 bit.The session key is generated by the private key and public key.The private key is independent of the Database Management System(DBMS),which can eliminate the possibility of key leakage from the database.An experiment is performed on the.Net platform.Experimental results show that the new scheme can resist exhaustive attack,differential attack,etc.,and the maximum key space is 2256,and the encryption time,encryption efficiency and key sensitivity is desirable.%为降低数据库(DB)明文泄露的风险,提出一种基于ECDH和Rijndael算法的DB加密方案.该方案支持128 bit、192 bit、256 bit 3种密钥长度,通过对私钥与公钥之积进行转换,生成加密密钥,从而使私钥独立于数据库管理系统之外,防止密钥从数据库中泄露.基于.Net平台的实验结果表明,实现的加密系统密钥空间最大为2256,不同记录数下的加密时间、加密效果及密钥敏感性均令人满意,并能抵御穷举攻击和差分攻击.
展开▼