Research On Cryptosystem Of NoSQL Database

In mobile internet times, with the great progress of e-commerce、SNS network and cloud computing, data is growing in geometric speed. Traditional relational databases can’t cope with the storage of huge data and can’t also supply high performance to handle high concurrency of reading and writing. Therefore, many NoSQL databases are developed to solve this problem.2009 is the first year of NoSQL database’s era. Because NoSQL databases are coming too short, most of researches on NoSQL databases focus on how to design data storage model with high reliability, high availability and high augmentability, but there are few researches on the data security of NoSQL databases. Now, people commonly encrypt data using normal encryption algorithms and a secret key, and in order to get plaintext, people have to decrypt ciphertext, because encryption algorithms are not homomorphic algorithms. But it isn’t a good way, because it will cost too much computing resource for encryption and decryption and adversaries and malicious administrators can get plaintext when data is decrypted. Therefore, we do further study on the security of NoSQL databases and proposes an encryption model without decrypting data when doing operations on data.Firstly, the author studies many researches on data confidentiality, common data encryption algorithms such as random encryption algorithm, deterministic encryption algorithms, flow encryption algorithms, homomorphic encryption algorithms and ciphertext retrieval algorithms. Meanwhile, we do some researches about the cryptosystem of relational databases, such as CryptDb、SUNDR and Depot. Secondly, we designed a cryptosystem which adopt different encryption algorithms to different types of data, and adopt different encryption strength to different operations. Moreover, we developed an algorithm about ciphertext retrieval. We adopt onion encryption model to encrypting plaintext in different level, outer level to more confendential ciphertext and fewer operations. Thirdly, we design a key chaining system, which can guarantee data is safe when the user is offline. Fourthly, we evaluated the confendentiality and performance of the cryptosystem.The cryptosystem is a practical encryption model, which is satisfied in performance and confendentiality. The ratio of cryptograph’s size to the size of decrypted data is acceptable. The cryptosystem will have further effects on further sutdies.