Research On Format-preserving Encryption For Big Data Publishment

In today's big data environment,the protection of structured private data has the special requirements that are different from the traditional privacy protection,such as large amount of data,complicated data format and the ability to be analyzed after encryption.In order to solve the above problems,this topic studies the Format-Preserving Encryption(FPE)technology for big data publishment.By Formate-Preserving Encryption,the mass data can not only retain the original data format,which enables ciphertext meet the original format constraints,but also restored to plaintext data by decryption,preserving the full amount of information in plaintext.In this paper,the basic FPE scheme based on two-segment high pseudorandom permutation is proposed firstly.A variety of structured data FPE schemes are designed based on this baseic scheme,and the other structured data is transformed and mapped explicitly into the message space of the basic FPE scheme to perform FPE,and then map inversely to the original plaintext space to achieve the design of FPE for common data types in the database.Then,a scheme of format-preserving encryption with data of many strongly formatted data types is designed.This common format-preserving encryption model is suitable for strongly formatted data with multiple types and composite format constraint.In the situation that encrypted data need to be securely provided to third parties for data mining,this paper proposes a FPE scheme that preserves the properties of the interval segments for big data.The FPE scheme for big data contains two types:balanced section interval and unbalanced section interval.The ciphertext can preserve the segment interval attributes of plaintext based on format-preserving encryption,which greatly reduce the impact of accuracy by mining encrypted data.On the other hand,in order to improve the efficiency of the format-preserving encryption for mass data,this paper designs a format-preserving encryption technology based on the Spark platform and the HDFS system,and meets the encryption requirements of massive data through parallel computing.Finally,in order to validate the format-preserving encryption scheme for big data release,a distributed prototype system based on the Spark platform is built,and a format-preserving encryption application for big data is implemented on this system.The prototype system supports FPE on folders,TXT files,CSV files,and Excel files,and performs format-preserving encryption based on user-specified encryption schemes and entered keys.It has been verified that this FPE prototype system for big data effectively improves the efficiency of encryption.By comparing the accuracy of plaintext and ciphertext mining analysis on selected public data set,it is proved that the FPE scheme preserving the interval attributes preserves all the original attributes for the category data,and preserves certain characteristics for the numeric attributes,reducing the impact of the traditional FPE scheme on attribute characteristics.