Database security distributed backup method based on secret sharing

By employing a secret-sharing algorithm in the database to segment and distribute sensitive information, combined with encryption and password sharing methods, the security and recovery efficiency issues of traditional database backup are solved, achieving secure and efficient data recovery.

CN122240397A · Pending · Publication Date: 2026-06-19 · SHANGHAI YINAN TECHNOLOGY CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
SHANGHAI YINAN TECHNOLOGY CO LTD
Filing Date
2026-03-16
Publication Date
2026-06-19

AI Technical Summary

Technical Problem

Traditional database backup methods suffer from single point of failure risks, data leakage risks, and low recovery efficiency, making it urgent to improve the security and recovery efficiency of database backup data.

Method used

A secret-sharing-based approach is adopted to divide sensitive database information into multiple parts and distribute them across multiple backup nodes. Data security is ensured through encryption and password shares. The Shamir secret-sharing algorithm and hash function are used to generate storage codes and password shares, and a mapping table is constructed to achieve secure recovery.

Benefits of technology

It enables secure backup of sensitive database information, prevents data leakage, improves the fault tolerance and recovery efficiency of the backup system, and ensures that only authorized users can access sensitive information.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122240397A_ABST (abstract figure)

Abstract

This invention discloses a secure distributed backup method for databases based on secret sharing, relating to the field of database security technology. The method includes: selecting n backup nodes, setting a recovery threshold t, extracting sensitive information from the database, and using a secret sharing algorithm to divide the sensitive information into n shares within the backup nodes; allocating each share to a corresponding backup node for storage; adding a password share to each share stored in each backup node to construct an encrypted share; creating a mapping table based on the correspondence between backup nodes and encrypted shares; receiving a recovery request, retrieving the encrypted share from several backup nodes based on the response request and the mapping table, and decoding the retrieved encrypted share to obtain the sensitive information. This invention ensures data security during the backup process by dividing and encrypting sensitive information in the database and then distributing the divided information across multiple backup nodes.

Description

Technical Field

[0001] This invention relates to the field of database security technology, and more specifically to a secure distributed backup method for databases based on secret sharing.

Background Technology

[0002] Traditional database backup techniques typically involve directly copying data to a remote server or cloud storage. However, this method carries security risks; if the backup storage medium or server is attacked, sensitive information in the database may be leaked. With the rapid development of information technology, databases, as a core component of data storage, have become increasingly important for security. To improve database security, existing backup methods usually employ full or incremental backups, storing backup data on a single or a few backup points. However, this method has the following problems:

[0003] (1) Single point of failure risk: If the backup point fails, the backup data may be lost.

[0004] (2) Data leakage risk: If backup data is illegally obtained, it may lead to the leakage of sensitive information.

[0005] (3) Low recovery efficiency: When recovering data, it is necessary to retrieve all data from a single or a few backup points, which is inefficient.

[0006] Therefore, improving the security of backup data in databases and the efficiency of data recovery are problems that urgently need to be solved by those skilled in the art.

Summary of the Invention

[0007] In view of this, the present invention provides a secure distributed backup method for databases based on secret sharing. By segmenting and encrypting sensitive information in the database, and then distributing and storing the segmented information on multiple backup nodes, the security of data during the backup process is ensured.

[0008] To achieve the above objectives, the present invention adopts the following technical solution: A secure distributed backup method for databases based on secret sharing includes the following steps: Step 1: Select n backup nodes, set a recovery threshold t, extract sensitive information from the database, and use a secret sharing algorithm to divide the sensitive information into n shares in the backup nodes according to the recovery threshold t; Step 2: Allocate each share to a corresponding backup node for storage; Step 3: Add password-protected shares to each share stored in the backup node to build encrypted shares; Step 4: Create a mapping table based on the correspondence between backup nodes and encrypted shares; Step 5: Receive the recovery request, retrieve the encrypted shares from several backup nodes according to the reply request in combination with the mapping table, and perform decoding processing on the retrieved encrypted shares to obtain the sensitive information.

[0009] Preferably, in step 1, the Shamir secret sharing algorithm with a (t, n) threshold is selected, and the Shamir secret sharing algorithm is run to split the sensitive information S into n shares S_i, i = 1,..., n.

[0010] Preferably, the specific process of step 1 is as follows: Step 11: Select n backup nodes C1,..., Cn that share a prime number p, with S_i < p; any backup node participating in the secret sharing is used as the distribution node, t random numbers {b_j}, j = 1,..., t, are randomly selected, and a polynomial of degree t is constructed, where mod represents the congruence operation; Step 12: The distribution node calculates the share for each backup node according to the polynomial of degree t.

[0011] Preferably, the process of step 2 for allocating corresponding shares to the backup nodes is as follows: Step 21: Assign a unique number ID to each backup node; Step 22: Use a cryptographically secure pseudo-random number generator (CSPRNG) to generate a corresponding random number rand_i for each share; Step 23: Calculate the hash value hash_i of the random number rand_i using a hash function, hash_i = Hash(rand_i), where Hash represents the selected hash function; Step 24: Map the hash value hash_i to the number of the backup node to obtain the storage code; it can be achieved through modulo operation, that is, node_i = hash_i % ID_i, where node_i represents the storage code and ID_i represents the number of the backup node where the i-th share should be stored; Step 25: Store the share in the corresponding backup node according to the storage code.

[0012] Preferably, the process of adding a password share to the share to construct an encrypted share in step 3 is as follows: Step 31: Designate a backup node Cm as the distribution node, m = 1,..., n; the distribution node randomly generates a password value PIN and calculates the password share of the distribution node from the password value PIN, where H represents a hash function and mod represents a congruence operation; Step 32: The distribution node randomly selects t random numbers {a_j}, j = 1,..., t, so as to fix the share corresponding to the distribution node; Step 33: The distribution node constructs a polynomial of degree t, substitutes n distinct x values into f(x) to obtain n sets of share parameters, and for i = 1,..., n sends the n sets of share parameters to the corresponding backup nodes; Step 34: Each backup node updates its stored share according to the share parameter to obtain the encrypted share.

[0013] Preferably, a mapping table is generated based on the correspondence between storage codes and encryption shares.

[0014] Preferably, the specific process of step 5 is as follows: Step 51: Compare the request threshold carried in the recovery request with the recovery threshold value. If the request threshold is greater than or equal to the threshold value, proceed to step 52; otherwise, proceed to step 53. Step 52: Index the mapping table based on the request node information carried in the recovery request to determine the query backup node, obtain the encrypted share from the query backup node, verify the password share carried in the encrypted share, and decode to obtain sensitive information after successful verification. Step 53: Interrupt the request and send a data recovery failure alarm.

[0015] Preferably, the query backup nodes include the distribution node, and the process of restoring sensitive information after obtaining the encrypted share in step 52 is as follows: Step 521: Extract the encrypted shares from all query backup nodes, and solve for the share parameters and the original shares based on multiple sets of encrypted shares; Step 522: Reconstruct the original polynomial f(x) of degree t using Lagrange interpolation or other polynomial reconstruction methods based on the share parameters; based on the polynomial f(x) of degree t..., the sequence number of the distribution node and the original share are used to calculate the password share. The same hash function H and congruence operation mod as in step 31 are used to calculate the hash value of the password share, and the calculated hash value is compared with the hash value of the original password value PIN carried in the recovery request. If the hash values match, the verification is successful, the encrypted share is valid, and the process proceeds to step 522. Otherwise, the encrypted share is discarded, a new encrypted share is retrieved from the other remaining backup nodes according to the preset strategy, and step 521 is repeated. Step 523: Decrypt the original share using the reverse process of the secret sharing algorithm to obtain the sensitive information.

[0016] Preferably, the expression for decryption based on the original share using the Lagrange interpolation formula is:

[0017] Where S represents the sensitive information, and the remaining symbols denote the share and the backup node from which it was retrieved.

[0018] As can be seen from the above technical solution, compared with the prior art, the present invention discloses a secure distributed backup method for databases based on secret sharing. Through the secret sharing algorithm, it realizes the secure backup of sensitive information in the database and effectively prevents data leakage; it adopts a distributed storage mechanism, which improves the fault tolerance and reliability of the backup system; during the data recovery process, only some backup nodes need to be accessed, which reduces the system load and improves the recovery efficiency; by adding password shares, sensitive information is linked with other features, and the verification of password shares ensures that only authorized users can recover and access sensitive information.

Attached Figure Description

[0019] To more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on the provided drawings without creative effort.

[0020] Figure 1: A flowchart of a secure distributed database backup method based on secret sharing provided by the present invention; Figure 2: A flowchart for allocating corresponding shares to backup nodes provided by this invention.

Detailed Implementation

[0021] Next, the technical solutions in the embodiments of the present invention will be clearly and completely described in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, rather than all the embodiments. All other embodiments obtained by those of ordinary skill in the art based on the embodiments of the present invention without creative efforts shall fall within the protection scope of the present invention.

[0022] An embodiment of the present invention discloses a database security distributed backup method based on secret sharing, as shown in Figure 1, including the following steps: S1: Select n backup nodes, set the recovery threshold t, extract sensitive information from the database, and divide the sensitive information into n shares in the backup nodes according to the recovery threshold t using a secret sharing algorithm; S2: Allocate each share to a corresponding backup node for storage; S3: Add a password share to the share stored in each backup node to construct an encrypted share; S4: Make a mapping table according to the correspondence between the backup nodes and the encrypted shares; S5: Receive a recovery request, retrieve the encrypted shares from several backup nodes according to the reply request in combination with the mapping table, and perform decoding processing on the retrieved encrypted shares to obtain sensitive information.

[0023] Further, in S1, the Shamir secret sharing algorithm with a (t, n) threshold is selected, and the Shamir secret sharing algorithm is run to divide the sensitive information S into n shares S_i, i = 1,..., n.

[0024] Further, the specific process of S1 is as follows: S11: Select n backup nodes C1,..., Cn that share a prime number p, with S_i < p; any backup node participating in the secret sharing is used as the distribution node, t random numbers {b_j}, j = 1,..., t, are randomly selected, and a t-degree polynomial is constructed, where mod represents the congruence operation; S12: The distribution node calculates the share for each backup node according to the t-degree polynomial.

[0025] Further, the process of S2 for allocating corresponding shares to the backup nodes is as follows: S21: Allocate a unique number ID to each backup node; S22: Use a cryptographically secure random number generator (CSPRNG) to generate a corresponding random number rand_i for each share; S23: Calculate the hash value hash_i of the random number rand_i using a hash function, hash_i = Hash(rand_i), where Hash represents the selected hash function; S24: Map the hash value hash_i to the backup node number to obtain the storage code; this can be achieved through modulo operation, i.e., node_i = hash_i % ID_i, where node_i represents the storage code and ID_i represents the backup node number where the i-th share should be stored; S25: Store the share to the corresponding backup node according to the storage code.

[0026] Furthermore, the process of constructing encrypted shares by adding password-protected shares in S3 is as follows: S31: Designate a backup node Cm as the distribution node, m = 1,..., n. The distribution node randomly generates a password value PIN and calculates the password share of the distribution node based on the password value PIN, where H represents a hash function and mod represents a congruence operation; S32: The distribution node randomly selects t random numbers {a_j}, j = 1,..., t, so as to fix the share corresponding to the distribution node; S33: The distribution node constructs a polynomial of degree t, substitutes n distinct x values into f(x) to obtain n sets of share parameters, and for i = 1,..., n sends the n sets of share parameters to the corresponding backup nodes; S34: Each backup node updates its stored share based on the share parameter and obtains the encrypted share.

[0027] Furthermore, during the secret sharing process, it supports setting a certain share to a specific value. This specific value can be directly customized or derived from a custom value transformation. Such transformations include, but are not limited to, hash functions, encryption, and signatures. It establishes a link between sensitive information and characteristics such as user identity and device hardware, making the secret sharing share value heavily reliant on the protection of external secure storage devices because it is not easy for people to remember.

[0028] Furthermore, a mapping table is generated based on the correspondence between storage codes and encryption shares.

[0029] Furthermore, the specific process of S5 is as follows: S51: Compare the request threshold carried in the recovery request with the threshold value. If the request threshold is greater than or equal to the threshold value, proceed to S52; otherwise, proceed to S53. S52: Index the mapping table based on the request node information carried in the recovery request, determine the query backup node, obtain the encrypted share from the query backup node, and decode the encrypted share to obtain sensitive information; S53: Interrupt the request and return a data recovery failure alarm.

[0030] Furthermore, the process of recovering sensitive information after obtaining the encrypted share in S52 is as follows: S521: Extract the encrypted shares from all query backup nodes, and solve for the share parameters and the original shares based on multiple sets of encrypted shares; S522: Based on the share parameters, reconstruct the original t-th degree polynomial f(x) using Lagrange interpolation or other polynomial reconstruction methods; based on the t-th degree polynomial f(x)..., the sequence number of the distribution node and the original share are used to calculate the password share. The same hash function H and congruence operation mod as in step 31 are used to calculate the hash value of the password share, and the calculated hash value is compared with the hash value of the original password value PIN carried in the recovery request. If the hash values match, the verification is successful, the encrypted share is valid, and the process proceeds to S522. Otherwise, the encrypted share is discarded, a new encrypted share is retrieved from the other remaining backup nodes according to the preset strategy, and S521 is repeated. S523: Decrypt the original share using the Lagrange interpolation formula to obtain sensitive information.

[0031] Furthermore, the expression for decryption using the Lagrange interpolation formula based on the original share is as follows, where S represents the sensitive information, and the remaining symbols denote the share and the backup node from which it was retrieved.

[0032] Furthermore, the choice of the recovery threshold value t should follow the principle of least privilege, that is, only grant the minimum number of shares necessary for data recovery.

[0033] In one specific embodiment, it is necessary to back up a sensitive information segment S in the database. The specific process is as follows: S1: Set the recovery threshold value t = 3, and select 5 backup nodes (C1, C2, C3, C4, C5). S2: The sensitive information fragment S is divided into 5 shares (S1, S2, S3, S4, S5) using the Shamir secret sharing algorithm. S3: Assign a unique ID to each backup node; generate a random number rand_i for each share; calculate the hash value of the random number rand_i, hash_i = Hash(rand_i); map the hash value hash_i to the backup node ID to obtain the storage code node_i = hash_i % ID_i; store the 5 shares in the backup nodes corresponding to their storage codes, and generate a mapping table based on the correspondence between storage codes and encrypted shares. S4: Select the first backup node C1 as the distribution node, generate a password value PIN, and calculate the password share of the distribution node based on the password value PIN; backup node C1 is the holder of the password share. Backup node C1 selects 3 random numbers {a_j}, j = 1, 2, 3, so as to fix its own share, and constructs a polynomial of degree t. By substituting n distinct x values into f(x), 5 sets of share parameters are obtained; for i = 1, 2, 3, 4, 5, the 5 sets of share parameters are sent to the corresponding 5 backup nodes, and the 5 backup nodes update their stored shares according to the share parameters to obtain encrypted shares. S5: The recovery request carries a threshold of 3 and a password (PIN), and requests that the encrypted shares stored in backup nodes C1, C2 and C3 be retrieved and the original sensitive information restored. If the threshold is the same as the recovery threshold, the encrypted shares are retrieved from backup nodes C1, C2 and C3 according to the mapping table index. The share parameters and the original shares are extracted from the collected encrypted shares (based on the formula for calculating encrypted shares, the share parameters can be calculated from two sets of encrypted shares). Using at least three collected share parameters, the original polynomial f(x) of degree t is reconstructed using Lagrange interpolation or other polynomial reconstruction methods; the original share of backup node C1 is then... The value corresponding to m = 1 is substituted into the reconstructed polynomial f(x), the corresponding password share is calculated, and its hash value is computed. The calculated hash value is compared with the hash value of the original password PIN in the recovery request. If the hash values match, the verification is successful and the encrypted share is valid; the successfully verified encrypted share is decoded, the original share is recovered using the reverse process of the secret sharing algorithm, and the original shares are then decrypted using the Lagrange interpolation formula to obtain the sensitive information.
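The embodiment above, as an added worked example in Python rather than code from the patent: a (t, n) Shamir split over a prime field in which the distribution node's share is pinned to a hash of the PIN (the "specific share value derived from a hash" of [0027]), and a recovery routine that applies the S51 threshold gate and the S521 password check before interpolating the secret. The prime p, SHA-256 as H, the pinning construction via interpolation, and carrying the PIN hash in the request as a field element are my assumptions, since the patent's own formulas are not on the page.

```python
import hashlib
import hmac
import secrets

# Prime field for the shares. The page only requires a shared prime p with S < p;
# this 127-bit Mersenne prime is my choice and lets any 16-byte secret fit.
P = 2**127 - 1


def lagrange_interpolate(points, x):
    """Evaluate at x the unique polynomial (mod P) through the (x_i, y_i) points.
    With x = 0 this is the 'reverse process' of the scheme: it returns the secret."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def pin_to_field(pin: bytes) -> int:
    """Password value PIN -> field element via a hash and a reduction mod p
    (the page's 'H' and 'mod'; SHA-256 is my choice of H)."""
    return int.from_bytes(hashlib.sha256(pin).digest(), "big") % P


def split_with_pinned_share(secret: int, t: int, n: int, m: int, pin: bytes):
    """(t, n) split of `secret` whose share for distribution node C_m is forced to H(PIN).

    A degree-(t-1) polynomial is fixed by t points, so we pin (0, secret) and
    (m, H(PIN)) and fill the remaining t-2 points with random values at x > n,
    where no node index can collide. Shares are (i, f(i)) for nodes i = 1..n.
    (Assumed construction; the patent's formulas for this step are not on the page.)
    """
    if not 0 <= secret < P:
        raise ValueError("secret must satisfy 0 <= S < p")
    if not (2 <= t <= n and 1 <= m <= n):
        raise ValueError("need 2 <= t <= n and a valid distribution node index m")
    anchors = [(0, secret), (m, pin_to_field(pin))]
    anchors += [(n + k, secrets.randbelow(P)) for k in range(1, t - 1)]
    return [(i, lagrange_interpolate(anchors, i)) for i in range(1, n + 1)]


def recover(shares, t: int, m: int, request_pin_hash: int) -> int:
    """Recovery service: the S51 threshold gate, then the S521 password check
    (reconstructed f(m) must equal the PIN hash carried in the request), then f(0)."""
    if len(shares) < t:
        raise PermissionError("request threshold below recovery threshold t")
    if len({x for x, _ in shares}) != len(shares):
        raise ValueError("duplicate share indices")
    chosen = shares[:t]
    pinned = lagrange_interpolate(chosen, m)
    if not hmac.compare_digest(pinned.to_bytes(16, "big"),
                               request_pin_hash.to_bytes(16, "big")):
        raise PermissionError("password share verification failed")
    return lagrange_interpolate(chosen, 0)


def demo() -> int:
    """The page's embodiment: t = 3, n = 5, distribution node C1, recovery from C1..C3."""
    secret = int.from_bytes(b"db-credential", "big")      # constructed sample secret
    pin = b"constructed-PIN-1234"                           # constructed sample PIN
    shares = split_with_pinned_share(secret, t=3, n=5, m=1, pin=pin)
    recovered = recover(shares[:3], 3, 1, pin_to_field(pin))
    assert recovered == secret
    # Any t shares (here C2, C4, C5) give the same secret ...
    assert recover([shares[1], shares[3], shares[4]], 3, 1, pin_to_field(pin)) == secret
    # ... while t-1 shares, or a wrong PIN hash, are refused.
    for args in (([shares[0], shares[1]], 3, 1, pin_to_field(pin)),
                 (shares[:3], 3, 1, pin_to_field(b"wrong"))):
        try:
            recover(*args)
        except PermissionError:
            continue
        raise AssertionError("expected the recovery request to be rejected")
    return recovered


if __name__ == "__main__":
    print(hex(demo()))
```

Two properties of this construction matter for a deployment: the PIN check is a policy gate on the recovery service, because anyone already holding t shares can compute f(m) and f(0) without it; and since C_m's share is a deterministic function of PIN, a low-entropy PIN reduces the effective threshold to t-1 against anyone who can test guesses, so the PIN needs real entropy (the page itself notes that a share value is hard for people to remember).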

[0034] The various embodiments in this specification are described in a progressive manner, with each embodiment focusing on its differences from other embodiments. Similar or identical parts between embodiments can be referred to interchangeably. For the apparatus disclosed in the embodiments, since they correspond to the methods disclosed in the embodiments, the description is relatively simple; relevant parts can be referred to the method section.

[0035] The above description of the disclosed embodiments enables those skilled in the art to make or use the invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the invention. Therefore, the invention is not to be limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims

1. A secure distributed backup method for databases based on secret sharing, characterized in that it includes the following steps: Step 1: Select n backup nodes, set a recovery threshold t, extract sensitive information from the database, and use a secret sharing algorithm to divide the sensitive information into n shares in the backup nodes according to the recovery threshold t; Step 2: Allocate each share to a corresponding backup node for storage; Step 3: Add password-protected shares to each share stored in the backup node to build encrypted shares; Step 4: Create a mapping table based on the correspondence between backup nodes and encrypted shares; Step 5: Receive the recovery request, retrieve the encrypted share from several backup nodes based on the response request and the mapping table, and decode the retrieved encrypted share to obtain sensitive information.

2. The secure distributed backup method for databases based on secret sharing according to claim 1, characterized in that, in step 1, the Shamir secret sharing algorithm with a threshold of (t, n) is selected, and running the Shamir secret sharing algorithm divides the sensitive information S into n shares S_i, i = 1,..., n.

3. The secure distributed backup method for databases based on secret sharing according to claim 2, characterized in that the specific process of step 1 is as follows: Step 11: Select n backup nodes C1,..., Cn that share a prime number p, with S_i < p; any backup node participating in the secret sharing serves as the distribution node, t random numbers {b_j}, j = 1,..., t, are randomly selected, and a polynomial of degree t is constructed, where mod represents the congruence operation; Step 12: The distribution node calculates the share for each backup node according to the t-th degree polynomial.

4. The secure distributed backup method for databases based on secret sharing according to claim 1, characterized in that step 2, which involves allocating the corresponding share to the backup node, is as follows: Step 21: Assign a unique ID to each backup node; Step 22: Use a cryptographically secure random number generator to generate a corresponding random number rand_i for each share; Step 23: Calculate the hash value hash_i of the random number rand_i using a hash function, hash_i = Hash(rand_i), where Hash represents the selected hash function; Step 24: Map the hash value hash_i to the backup node number to obtain the storage code; Step 25: Store the share to the corresponding backup node according to the storage code.

5. The secure distributed backup method for databases based on secret sharing according to claim 4, characterized in that the process of adding a password-protected share to construct an encrypted share in step 3 is as follows: Step 31: Designate a backup node Cm as the distribution node, m = 1,..., n. The distribution node randomly generates a password value PIN and calculates the password share of the distribution node based on the password value PIN, where H represents a hash function and mod represents a congruence operation; Step 32: The distribution node randomly selects t random numbers {a_j}, j = 1,..., t, so as to fix the share corresponding to the distribution node; Step 33: The distribution node constructs a polynomial of degree t, substitutes n distinct x values into f(x) to obtain n sets of share parameters, and for i = 1,..., n sends the n sets of share parameters to the corresponding backup nodes; Step 34: Each backup node updates its stored share according to the share parameter to obtain the encrypted share.

6. The database secure distributed backup method based on secret sharing according to claim 5, characterized in that a mapping table is generated based on the correspondence between storage codes and encryption shares.

7. The secure distributed backup method for databases based on secret sharing according to claim 6, characterized in that the specific process of step 5 is as follows: Step 51: Compare the request threshold carried in the recovery request with the recovery threshold value. If the request threshold is greater than or equal to the threshold value, proceed to step 52; otherwise, proceed to step 53. Step 52: Index the mapping table based on the request node information carried in the recovery request to determine the query backup node, obtain the encrypted share from the query backup node, verify the password share carried in the encrypted share, and decode to obtain sensitive information after successful verification. Step 53: Interrupt the request and send a data recovery failure alarm.

8. The secure distributed backup method for databases based on secret sharing according to claim 7, characterized in that the process of recovering sensitive information after obtaining the encrypted share in step 52 is as follows: Step 521: Extract the encrypted share from all query backup nodes. Based on the encrypted share, obtain the password share and the original share through the inverse operation. Calculate the hash value of the password share using the same hash function and congruence operation as in Step 31. Compare the calculated hash value with the hash value of the original password PIN carried in the recovery request. If the hash values match, the verification is successful, the encrypted share is valid, and the process proceeds to Step 522. Otherwise, discard the encrypted share and retrieve a new encrypted share from the remaining backup nodes according to the preset strategy, repeating Step 521. Step 522: Decrypt the original share corresponding to the successfully verified encrypted share using the reverse process of the secret sharing algorithm to obtain the sensitive information.

9. The secure distributed backup method for databases based on secret sharing according to claim 8, characterized in that the query backup nodes include the distribution node, and the specific process in step 521 of obtaining the password share through the inverse operation based on the encrypted share is as follows: Step 5211: Solve for the share parameters and the original shares based on multiple sets of encrypted shares; Step 5212: Reconstruct the polynomial f(x) of degree t using Lagrange interpolation based on the share parameters; Step 5213: Calculate the password share based on the t-th degree polynomial f(x), the sequence number of the distribution node, and the original share.