
Research And Implementation Of A Database Encryption System Outside The DBMS Based On The Chinese Remainder Theorem

Posted on: 2010-01-03
Degree: Master
Type: Thesis
Country: China
Candidate: G Y Dai
Full Text: PDF
GTID: 2298360272478947
Subject: Computer application technology
Abstract/Summary:
The wide use of database applications brings much convenience to both work and daily life. At the same time, sensitive data in databases is easily compromised by either outside attackers or malicious insiders. Although the database management system (DBMS) itself takes measures such as user authentication and access control to protect such sensitive information, attackers can still obtain the data files directly by bypassing the DBMS. In another case, when the database is provided as a service (DAS), the service provider may not be trustworthy. The most effective way to prevent disclosure of sensitive data is database encryption, that is, storing the data in encrypted form. Developing an efficient database encryption system is of great significance.

In this thesis, we first discuss the common anti-attack measures taken in today's database systems, analyze their existing problems, and conclude that database encryption is the best way to resist sensitive data disclosure. We then introduce some basic concepts of database encryption and some key problems that should be carefully considered.

An improved database encryption scheme based on the Chinese Remainder Theorem (CRT) is proposed, together with a cryptanalysis showing that the scheme can withstand both known-plaintext attacks and collusion attacks. In this scheme, the encryption algorithm has two stages: first, a binary transformation is applied to the raw plaintext; second, the CRT is applied to the result of the first stage to produce a ciphertext for each record. We employ a multilevel key management mechanism in which the work key is dynamically generated by a key generator according to the database global key, table key, and field and record keys.

Based on the open-source DBMS MySQL, we design and implement a simple database encryption system. The system is implemented outside the DBMS kernel, and all encryption and decryption operations are transparent to users. It allows users to selectively define which fields need to be encrypted. Only with the correct decryption key can users obtain the plaintext of sensitive information that is stored in encrypted form.
Keywords/Search Tags: sensitive information, database, encryption, key management, the Chinese Remainder Theorem