| In the complex Internet environment today, data of individuals and enterprises are faced with a variety of security threats such as hardware/software failures, users'misoperation, and virus attacks. To protect important data against damage or loss, data backup technology has been widely used. However, the backup copys are also exposed to network full of security risks such as malicious software, backup devices loss, theft and unauthorized access.To tackle the aforementioned problems, this paper investigates various security mechanisms paticually in data encryption and authentication, and presents an auto-rolling encryption strategy for data backup and recovery system. Based on symmetric block encryption, our scheme uses a set of rolling keys with low correlation coefficient during encryption so as to reduce the interdependence between cipher texts and to enhance security.The paper gives a comprehensive discussion on the topics related to an encryption system such as encryption key generation, encryption key storage and management, encryption algorithm selection, authentication issues, and presents our solutions. Our scheme makes use of the random number generation algorithms in C++ standard library, one-dimensional logistic mapping in chaos theory and MD5 hash algorithm to generate a group of keys with low correlation coefficient. To ensure users could not get access to other users'encrypted files, we use the user account information as a factor to generate keys during encryption. This dynamic encryption key generation method also achieves user authentication. We select blowfish encryption algorithm because of its efficiency and high security.To tackle the backup file - encryption key mismatch problem after backup file is renamed or moved to another place, we uses NTFS file object ID as the file identification instead of file paths for encryption key mapping. Compared to file path mapping method, our method achieves effective key match during decryption.Compared to traditional encryption, our scheme effectively enhances data security with neglectable performance overhead. The auto-rolling encryption scheme is proved to be efficient and feasiable. |
PDF Full Text Request