关键词: 密文数据库, 密钥管理, 椭圆曲线密码体制, 偏序关系, 用户分级

Abstract: This paper presents a key management scheme based on elliptic curve cryptosystem to solve the problem of rights management among hierarchical users and access the encrypted database. In the proposed scheme, each user can independently choose own user key, and securely transfer it to trusted center. The trusted center calculates the  relational parameters of the user having the partially ordered relation by using the elliptic curve cryptosystem after collecting the secret key parameters. The higher-privileged class will have the right to derive the key information created or owned by a user in a lower-privileged class, and then take advantage of it to decrypt the encrypted database which is also created by the lower-privileged class. The update method of the encrypted database is also considered after the partially ordered relation is changed. Experiments show that key generation, key derivation and access database have high efficiency and security.

Key words: encrypted database, key management, elliptic curve cryptosystem, partially ordered relation, user hierarchy