Cloud Storage Data Encryption Method, Apparatus and System
First Claim
1. A cloud storage data encryption method comprising:
- according to the amount of data X expected to be stored into a cloud storage data center within a determined period of time, the proportion of local storage space to occupy R and the level of data security Z, calculating the size H of a random seed that should be generated;
according to the amount Y of plaintext data to be encrypted every time, calculating the data acquisition times u from the random seed;
generating and storing the random seed with the size of H according a preset method;
acquiring data for several times from the random seed, and cascading the data acquired each time into a random string of no shorter than the length of a plaintext;
according to the random string, generating a plaintext encryption bit identifier random string;
according to the plaintext encryption bit identifier random string, selecting more than one half of plaintext data for encryption; and
according to their positions in the plaintext, arranging the encrypted data and unencrypted data to form a ciphertext.
1 Assignment
0 Petitions
Accused Products
Abstract
This present application relates to the field of cloud storage security technology, and in particular, relates to a cloud storage data encryption method, apparatus and system. The method comprises: according to the amount of data X expected to be stored within the preset time, the proportion of local storage space R and the security level of data Z, calculating the size H of a random seed that should be generated; according to the amount Y of plaintext data every time, calculating the times u of random seed acquired; according to the times u, acquiring data from the generated random seed with the size of H for several times to generate a plaintext encryption bit identifier data string; by use of the data string, selecting more than one half of the plaintext data for encryption to form a ciphertext. This application also provides a cloud storage data encryption apparatus and system. This invention has reduced the amount of encrypted data to be stored without sacrifice in the degree of data security protection, thus greatly improves the cloud storage data encryption and decryption performance.
-
Citations
10 Claims
-
1. A cloud storage data encryption method comprising:
-
according to the amount of data X expected to be stored into a cloud storage data center within a determined period of time, the proportion of local storage space to occupy R and the level of data security Z, calculating the size H of a random seed that should be generated; according to the amount Y of plaintext data to be encrypted every time, calculating the data acquisition times u from the random seed; generating and storing the random seed with the size of H according a preset method; acquiring data for several times from the random seed, and cascading the data acquired each time into a random string of no shorter than the length of a plaintext; according to the random string, generating a plaintext encryption bit identifier random string; according to the plaintext encryption bit identifier random string, selecting more than one half of plaintext data for encryption; and according to their positions in the plaintext, arranging the encrypted data and unencrypted data to form a ciphertext. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A cloud storage data encryption apparatus comprising:
-
a random seed size and acquisition times calculation module for calculating the size H of a random seed that should be generated according to the amount of data X expected to be stored into the cloud storage data center within a determined period of time, the proportion of local storage space R and the level of data security Z, and calculating the data acquisition times u according to the amount Y of plaintext data to be encrypted every time; a true random number generation module for generating random numbers, and for generating the random seed with the corresponding size according to the size of the random seed and the size H of the random seed calculated by the random seed size and acquisition times calculation module; an encryption bit identifier random string generation module for acquiring data for several times from random seed generated by the true random number generation module, cascading the data acquired each time into a random string no shorter than the length of a plaintext, and according to the random string, generating a plaintext encryption bit identifier random string; a plaintext selective data encryption module for randomly selecting more than one half of the plaintext data for encryption according to the plaintext encryption bit identifier random string generated by the encryption bit identifier random string generation module; and a ciphertext formation module for arranging the data encrypted by the plaintext selective data encryption module and the unencrypted data according to their positions in the plaintext to form a ciphertext. - View Dependent Claims (9)
-
-
10. A cloud storage data encryption system comprising a cloud storage data encryption apparatus and a cloud storage data center;
- wherein the cloud storage data encryption apparatus comprises;
a random seed size and acquisition times calculation module, used for calculating the size H of a random seed that should be generated according to the amount of data X expected to be stored into the cloud storage data center within a certain period of time, the proportion of local storage space R and the level of data security Z, and calculating the data acquisition times u according to the amount Y of plaintext data to be encrypted every time; a true random number generation module, used for generating random numbers, and for generating the random seed with the corresponding size according to the size of the random seed and the size H of the random seed calculated by the random seed size and acquisition times calculation module; an encryption bit identifier random string generation module for acquiring data for several times from random seed generated by the true random number generation module, cascading the data acquired each time into a random string no shorter than the length of a plaintext, and according to the random string, generating a plaintext encryption bit identifier random string; a plaintext selective data encryption module for randomly selecting more than one half of the plaintext data for encryption according to the plaintext encryption bit identifier random string generated by the encryption bit identifier random string generation module; and a ciphertext formation module for arranging the data encrypted by the plaintext selective data encryption module and the unencrypted data according to their positions in the plaintext to form a ciphertext.
- wherein the cloud storage data encryption apparatus comprises;
Specification