本文選題：加密技術(shù)　切入點：備份　出處：《電子科技大學(xué)》2013年碩士論文

【摘要】：隨著整個社會電子商務(wù)業(yè)的蓬勃發(fā)展以及公安系統(tǒng)信息技術(shù)的普及，現(xiàn)代化公安系統(tǒng)的運作對信息技術(shù)的依賴也日益增加。由于關(guān)鍵數(shù)據(jù)一旦被竊取將會導(dǎo)致公安系統(tǒng)難以估計的損失，越來越多的關(guān)鍵數(shù)據(jù)需要機密地保存在計算機系統(tǒng)中。因此，如何簡易地對這些數(shù)據(jù)進行加密，如何有效地保管口令和密鑰已經(jīng)成為當今研究的熱門課題。 本文針對網(wǎng)絡(luò)磁盤數(shù)據(jù)災(zāi)難備份系統(tǒng)的數(shù)據(jù)加密技術(shù)進行了研究，在對比分析了各種加密技術(shù)的基礎(chǔ)上，構(gòu)建出了一個適合該網(wǎng)絡(luò)磁盤數(shù)據(jù)災(zāi)難備份系統(tǒng)的加密方案，并對該系統(tǒng)的設(shè)計與實現(xiàn)過程進行了詳細的介紹。該系統(tǒng)是基于B/S架構(gòu)之上，鑒于加密的速度與密鑰的管理問題，本文所實現(xiàn)的加密系統(tǒng)采用的是數(shù)字信封的方法，即加密時在發(fā)送端生成隨機對稱密鑰，通過利用對稱密鑰對文件數(shù)據(jù)進行加密，，然后再利用發(fā)送方的密鑰口令對對稱密鑰進行加密，再將加密后的對稱密鑰和密鑰口令的md5值生成數(shù)字信封文件保存在發(fā)送端，由發(fā)送方自己保管，最后再將加密后的備份文件上傳到災(zāi)備中心。利用這種方式既確保了對文件數(shù)據(jù)的完整性和安全性，同時又能有效地實現(xiàn)加密過程的高效性以及密鑰管理的簡易性。 最后對本文所實現(xiàn)的系統(tǒng)的功能和性能進行了測試并得出結(jié)論：用錯誤的密鑰，即使用戶能將共享文件恢復(fù)到服務(wù)器端，但是依舊無法獲取正確的內(nèi)容，只有利用了正確的密鑰，才可以將文件正確的恢復(fù)，從而獲得正確的文件內(nèi)容。在性能上，備份文件集的加密過程在備份總流程中所用的時間比較多。隨著加密文件集的增大，所用的加密時間也會相應(yīng)增加；而對于兩種不同的加密算法3DES和AES-128來說，在加密文件的容量都比較小的情況下，所用的加密時間相差無幾；但是隨著加密文件集容量的增加，3DES算法加密所用的時間明顯比AES-128算法所用時間增加得多。
[Abstract]:With the vigorous development of electronic commerce and the popularization of information technology in public security system, The operation of the modern public security system is also increasingly dependent on information technology. As the theft of key data will lead to an incalculable loss of the public security system, More and more key data need to be kept confidentially in computer system. Therefore, how to encrypt these data easily, how to keep password and key effectively has become a hot research topic. In this paper, the data encryption technology of the network disk data disaster backup system is studied. Based on the comparison and analysis of various encryption techniques, an encryption scheme suitable for the network disk data disaster backup system is constructed. The design and implementation of the system are introduced in detail. The system is based on the B / S architecture. In view of the problem of encryption speed and key management, the encryption system implemented in this paper adopts the method of digital envelope. In other words, the random symmetric key is generated at the sending end, the file data is encrypted by using the symmetric key, and then the symmetric key is encrypted by using the key password of the sender. Then, the encrypted symmetric key and the md5 value of the key password are generated into the digital envelope file, which is kept by the sender himself. Finally, the encrypted backup files are uploaded to the disaster preparedness center, which not only ensures the integrity and security of file data, but also effectively realizes the high efficiency of encryption process and the simplicity of key management. Finally, the function and performance of the system implemented in this paper are tested and concluded: with the wrong key, even if the user can restore the shared file to the server, it still can not get the correct content. Only when the correct key is used can the file be restored correctly and the correct file content can be obtained. In terms of performance, the encryption process of the backup file set takes more time in the backup total process. As the encrypted file set increases, For the two different encryption algorithms 3DES and AES-128, the encryption time is the same when the capacity of encrypted files is small. However, with the increase of the capacity of encrypted file sets, the encryption time of the algorithm is much longer than that of the AES-128 algorithm.
【學(xué)位授予單位】：電子科技大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2013
【分類號】：TP333.35;TN918.4;TP311.52

【參考文獻】

相關(guān)期刊論文 前4條

1 楊義先;姚文斌;陳釗;;信息系統(tǒng)災(zāi)備技術(shù)綜論[J];北京郵電大學(xué)學(xué)報;2010年02期

2 沈昌祥;張煥國;馮登國;曹珍富;黃繼武;;信息安全綜述[J];中國科學(xué)(E輯:信息科學(xué));2007年02期

3 馮登國;可證明安全性理論與方法研究[J];軟件學(xué)報;2005年10期

4 馮登國;國內(nèi)外密碼學(xué)研究現(xiàn)狀及發(fā)展趨勢[J];通信學(xué)報;2002年05期

相關(guān)碩士學(xué)位論文 前3條

1 繆黎明;基于PKI的身份認證和數(shù)據(jù)加密的研究[D];浙江大學(xué);2008年

2 羅淑丹;認證密鑰協(xié)商協(xié)議的研究[D];電子科技大學(xué);2009年

3 巫鐘興;數(shù)據(jù)加密傳輸系統(tǒng)的研究與應(yīng)用[D];北京化工大學(xué);2010年

本文編號：1655098