Research And Application Of Identity-based Format Preserving Encryption Scheme

With the vigorous development of big data,cloud computing and other technologies,the value of data is gradually highlighted.Data security has become particularly important.Data masking technology can effectively solve the problem of security risks such as data tampering.While traditional data masking will change the format of the data,which will not only greatly reduce the effect of ciphertext data,but also bring huge pressure on database storage.Format preserving encryption is one of the effective techniques to solve the problems above.The characteristic of format preserving encryption is that the format characteristics of encrypted ciphertext and plaintext are the same.Currently,the industry uses traditional symmetric cryptosystem format preserving encryption to achieve data masking,but traditional format preserving encryption has the disadvantage of high cost of key management.In view of this,it is particularly important to study the format-preserving encryption scheme with efficient key derivation function and apply it to data masking environment.In this paper,based on the requirements of data masking and database storage,drawing on the idea of hybrid encryption,the identity-based format preserving encryption scheme is researched and applied.Specific research contents include:(1)The scheme of identity-based format preserving encryption applied to data masking technology is proposed.First of all,the scheme retains the characteristics of the traditional format preserving encryption scheme,which can efficiently maintain data integrity.At the same time,the scheme adopts a hybrid encryption method and solves the key storage problem under the traditional format preserving encryption by improving the key derivation function.(2)Apply the identity-based format preserving encryption scheme to the database storage system.The format preserving encryption scheme has the special property of ensuring that the plaintext and ciphertext format characteristics are the same.Therefore,this technique can be applied to database storage.In this paper,the identity-based format preserving encryption scheme is applied to the database storage system.Combined with the needs of privacy vehicle information protection in the Internet of Vehicles,a vehicle privacy information storage system is designed.The system uses the identity-based format preserving encryption to encrypt information of both vehicle owner and vehicle,and realizes "one-key encrypted storage" of sensitive information(such as name,ID number,license plate number,etc.).