To ensure the security of the generation and storage of encryption key, this system proposes one new double encryption-key mechanism for database encryption, in which the AES encryption is used to get work key from transform of the main key, without setting work key firstly. In order to further ensure the security of database encryption key and to improve the encryption key generation rate, the construction of AES algorithm key matrix is analyzed and improved. The key expansion algorithm called ‘one-way' design strategy is introduced to reduce the correlation between each wheel key, which will help to provide a more effective guarantee for the security of database.