Sql Server 2005 Encryption

Aug 28, 2007



If I understand all the posts/documentation correctly am I correct in saying that sql server will not send a symmetric key outside of database.

For Eg can I use ADO.Net to get the key from database into a C# application to do encryption/decryption in the C# application outside of database. I want the C# application to be able to encrypt/decrypt data using .Net cryptography api's but use sql server as key store in addition to encryption/decryption.

thanks for the help

View 1 Replies


ADVERTISEMENT

SQL Security :: Encryption 2005 - User Defined Function For Encryption And Decryption

Oct 7, 2015

I have created two user defined functions for encryption and decryption using passphrase mechanism. When I call encryption function, each time I am getting the different values for the same input. While I searching a particular value, it takes long time to retrieve due to calling decryption function for each row.

best way to encrypt and decrypt using user defined functions.Below is the query which is taking long time.

SELECT ID FROM table WITH (NOLOCK)
                     WHERE dbo.DecodeFunction(column) = 'value'

When I try to use symetric or asymetric encryption, I am not able to put "OPEN SYMETRIC KEY" code in a function. So, I am using PassPhrase mechanism.

View 3 Replies View Related

SQL Server Standard 2005, SQL Mobile 2005 Data Encryption Issues

Jul 26, 2007

Hi,

I have a central database server that is runnning on SQL 2005 standard edition and Windows server 2003 standard as OS.

I realise that I can use SQL statements to encrypt and decrypt the data inside the standard SQL.

However, how do I read and write the data via an web application coded in C#.net and is also running on the same machine?

Another issue is, I need to replicate some of the data in this SQL standard over to a SQL mobile running on a mobile device running on Windows CE 5.0.

The mobile device also needs to read and write data to the encrypted data via a C#.net application.

Question is, with all these requirements to be met, can I use AES? I know that AES is not available on Windows XP and Windows Server 2000 and I cant find AES in the .net compact framework.

how do i go about ensuring security? how do I ensure that the symmetric key is the same both on the SQL standard and SQL mobile?

thank you.

View 7 Replies View Related

RSA Encryption In DLL Using SQL Server 2005

Jun 11, 2008

I am having a problem with some code I have in a DLL that is running in SQL Server 2005. I am trying to get some RSA encryption and decryption. The encrypt code runs in SAFE mode without a problem. The decrypt code gets and error:

Msg 6522, Level 16, State 1, Line 1
A .NET Framework error occurred during execution of user-defined routine or aggregate "March_CryptoDecrypt":
System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
System.Security.SecurityException:
at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.Security.Cryptography.RSACryptoServiceProvider.ImportParameters(RSAParameters parameters)
at System.Security.Cryptography.RSA.FromXmlString(String xmlString)
at Crypto.DoCrypto.Decrypt(String P_text, String P_privateKey)
at SQLServerCrypto.Decrypt(SqlString P_text, SqlString P_privateKey)

Here is the decrypt code:

static public string Decrypt(string P_text, string P_privateKey)
{
string retStr;
string encryptedBlock = "";
string localTextStr = P_text;
int numberOfBlocks;

RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider();

rsaProvider.FromXmlString(P_privateKey);
Queue<string> encryptedBlocks = new Queue<string>();

while (localTextStr.Length != 0)
{
if (rsaProvider.KeySize == 1024)
{
encryptedBlock = localTextStr.Substring(0, localTextStr.IndexOf("=") + 1);
encryptedBlocks.Enqueue(encryptedBlock);
localTextStr = localTextStr.Remove(0, encryptedBlock.Length);
}
else
{
encryptedBlock = localTextStr.Substring(0, localTextStr.IndexOf("==") + 2);
encryptedBlocks.Enqueue(encryptedBlock);
localTextStr = localTextStr.Remove(0, encryptedBlock.Length);
}
}

encryptedBlocks.TrimExcess();
numberOfBlocks = encryptedBlocks.Count;
retStr = "";
for (int cnt = 1; cnt <= numberOfBlocks; cnt++)
{
encryptedBlock = encryptedBlocks.Dequeue();
retStr +=
ASCIIEncoding.ASCII.GetString(rsaProvider.Decrypt(
Convert.FromBase64String(encryptedBlock), false));
}

return (retStr);
}

Here is the encrypt code that works:

static public string Encrypt(string P_text, string P_publicKey)
{
string retStr;
RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider();

rsaProvider.FromXmlString(P_publicKey);

int numberOfBlocks = (P_text.Length / 32) + 1;
char[] charArray = P_text.ToCharArray();
byte[][] byteBlockArray = new byte[numberOfBlocks][];
int incrementer = 0;
for (int cnt = 1; cnt <= numberOfBlocks; cnt++)
{
if (cnt == numberOfBlocks)
{
byteBlockArray[cnt - 1] =
ASCIIEncoding.ASCII.GetBytes(charArray, incrementer, charArray.Length - incrementer);
}
else
{
byteBlockArray[cnt - 1] =
ASCIIEncoding.ASCII.GetBytes(charArray, incrementer, 32);
incrementer += 32;
}
}

retStr = "";
for (int cnt = 0; cnt < byteBlockArray.Length; cnt++)
{
retStr += System.Convert.ToBase64String(
rsaProvider.Encrypt(byteBlockArray[cnt], false));
}

return (retStr);
}

I do not see why the encrypt can run is safe mode and the decrypt can not. Does anyone have any ideas?

Thank You,

David Demland

View 7 Replies View Related

Encryption In Sql Server 2005

Jun 20, 2006

Hi All,Does any body know how to use encryption in sql server 2005.Is itpossible to encrypt a particular column in a table.thanks

View 3 Replies View Related

Data Encryption (SQL Server 2005)

Jan 25, 2008



Hello,

I store data in an .mdf file (I use SQL server 2005), because this way it's easier to move the application from one machine to another.

I've faced a problem with the encryption of the database.

Is there a possibility/way to encrypt a database file so that, if someone else finds/copies the mdf, he/she won't be able to read it.

I thought about encrypting the string values of the tables itself and decode them inside the application and encide when Inserting, but why inventing somehing that might already exist.

Thank you.

View 7 Replies View Related

SQL Server 2005 Encryption And SSIS

Dec 21, 2007

Hi everyone! I have a problem and I was hoping someone could help me with it.


Here's my scenario:
I have to access to an intermediate SQL Server 2005 database, which I cannot change or alter. In this database is information that a I need to retrieve and put in our website database. One item of information is a persons SSN which is stored in a varbinary field and encrypted using a certificate.

In my Data Flow task which processes this information I am using an Ole Db Source to retrieve the information with the SQL Script:


SELECT
CAST(DecryptByCert(Cert_ID('Certificate_Name'), [IntermediateDB].[SSN]) AS VARCHAR) As SSN
FROM
[dbo].[IntermediateDB].[SSN]


BTW, This script runs fine from within SQL Server Management Studio. It decrypts the SSN to the appropriate value. However, when I run it in SSIS, I receive a truncation error which is no small surprise b/c the SSN value is in a large binary format. I.e:


0x55 0x56 0x69 0x99 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 ...


It goes on further, but for the sake of brevity and my own sanity I thought I should truncate it.


It seems like SSIS's use of the certificate is failing (although I don't get an error for that) and is simply pulling the encrypted SSN from the intermediate table.


So my first question would be, is this actually what's going awry? And secondly, is there a way to fix this without touching the source database??


Thanks! I greatly appreciate it! And Happy Holidays!

Derek

View 4 Replies View Related

A Bit Of Beginner Confusion About SQL Server 2005 Encryption

Dec 26, 2007

Hi,

I have studied a variety of online documents explaining built-in SQL Server 2005 encryption, and I'm a bit confused. Every encryption approach, it seems, ultimately replies upon a password that must be provided with queries to access the data. As an application developer, it brings up the obvious question: how should that password be provided? If I build the password into my applications, then it will no longer be secure. On the other hand, I can't possibly expect my users to provide a password every time they perform an action that requires unencrypting data. If I give that password out to 50 users, the password will become public information quickly, I am sure. We will also have to alter the password regularly. Plus several of my applications run as windows services, in which case the user (meaning the windows user under which the service runs) won't be around to type in password.

I have a better solution in mind. Is there an option to limit access to symmetric keys by windows identity? As a best-standards-abiding coder, all of my sql server access is done via Windows Authentication instead of SQL Server Authentication. Why not make it so that myorgjoe and myorgsally can access the symmetric key for a particular column, but nobody else? This way there is still a password involved, but it is now moved further up the application layers; it is the windows password that the user originally used to log into their machine to run the application.

Is there a way to make it so that access to symmetric keys (or asymmetric keys which encrypt symmetric keys) is decided solely on the basis of windows user identity?

Thank you for any thoughts!

Adam

View 1 Replies View Related

SQL Server 2005 Data Encryption Issues

Oct 27, 2006

I read a couple of articles related to encryption topic in this forum and I feel that's really helpful I don't know if anyone has some knoeledge about the encryption issues in replication and clustering environment. I read some documents from Microsoft web site that explains how to move an encrypted database from its original server to another new server instance. That cause a lot manual works, if the database master key has been encrypted by the original service master key and you still want to enjoy the auto-open feature in the new environment. As we know the Microsoft SQL Server 2005 has a hierarchy encryption key structure and its top level service master key is really service oriented. For what kind of mechanism or set up, Microsoft makes their encrypted database working smoothly and automatically in a clustered and replicated infrastructure. Is that possible to sacrifice the security a bit by dump the service master key for database master key and make database more portable? I search the web site all the way, but couldn't find the related topic. Anybody has a good idea or experience to share?

Thanks,

View 11 Replies View Related

MS SQL Server 2005 Failed To Start After SSL Encryption Adjustment

Mar 21, 2008

Hi, everyone!

I faced the problem trying to adjust ssl encryption in ms sql server 2005.
I've completed all steps from this article:
http://msdn2.microsoft.com/en-us/library/ms191192.aspx

But when I'm trying to restart sql server - it fails to start.

Here the error messages I got:

1. Unable to load user-specified certificate. The server will not accept a connection. You should verify that the certificate is correctly installed. See "Configuring Certificate for Use by SSL" in Books Online.

2. TDSSNIClient initialization failed with error 0x80092004, status code 0x80.

3. TDSSNIClient initialization failed with error 0x80092004, status code 0x1.

4. Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.

5. SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.



SQL Server is installed on Windows 2003 Server OS running computer.

I use certificate created by means stand-alone Certificate Authority that appeared in Administration Tools on that computer after I installed Certificate Services.

I guess the reason is in wrong certificate parameters I set while requesting.

How can I determine correct certificate parameters? Does anyone know?


Any help is appreciated,
Thanks

View 4 Replies View Related

Encryption In SQL 2005

Apr 30, 2008

Does SQL Server 2005 not have a built in encryption function. I'm trying to INSERT and store passwords as an encrypted value in my table. Any help appreciated. Thanks.

View 1 Replies View Related

SQL 2005 Encryption

Feb 8, 2008

I have a VB 6 app with a SQL 2000 database backend.

To meet company standards I need to add encryption from the VB6 app to the database. I also need to add better password protection at the database. Upgrading to SQL 2005 will help with the password protection changes I need to make and I have been told that 2005 does have some sort of Encryption built in?

Does anybody have any references or information about encrypting data in transent between a VB6 app and SQL server 2005?

Thanks

View 1 Replies View Related

SQL 2005 Encryption And C#

Nov 6, 2007

Hi everyone. I'm relatively new to the world of encryption and have a specific scenario on which I need guidance.



Scenario / Requirments:



1) Our DBA group is loading a table with SSN from Oracle into SQL 2005. They will be encrypting the SSN using the built in encryption functionality of SQL. Specifically, they are using a SQL generated Certificate. (create cert dboCert ... encryptBycert ...)



This is their preferred method of encrypting the data but they are willing to change it if I need them to. Our only requirement is that it is at least 128 bit- 256 is preferred.



2) I am returning information back to a C# class. I don't want to use the DecryptByCert function in SQL and then send the clear text across the wire between SQL and the Web server, so I need to return the data as cipher text and then decrypt it on the web server in C#.



3) I will be logging queries into another table for auditing, so I will need to re-encrypt the SSN into this new table.



It is not required, but would be ideal if I can use the same algorithm to encrypt this new table as SQL uses in the encryptByCert. This way the DBA team can decrypt both tables without using my C# code should the need arise.



How do I do this? I've figured out how to use AES in the Security.Cryptography namespace, but I've read that although symmetric encryption is much faster, it is not ideal to use in a distributed system due to key management. I€™m also not clear how to use this in SQL (not sure it matters if it€™s not the best way to go).



I'm about to start researching the Security. Cryptography namespace for asymmetic encryption using certificates, but I'm not sure how that works with the SQL Certs (are the RSA?, etc).



At this point, I'm on information overload and my head is spinning. J




Thank you,

Tom Hundley

View 4 Replies View Related

Encryption SQL 2005

Jul 19, 2007

I have a desire to encrypt an entire database rather than utilizing TSQL to encrypt individual columns. Outside the SQL Server authentication and access should function as normal.



Reason: avoid customization and change to a vendor applicaiton, and satisfying the group security ghouls by being able to state definatively that the data within the database is encrypted.



The database is small as it contains only financial statement data, so performance should not be an issue.

View 1 Replies View Related

Encryption Using MS SQL 2005

Mar 16, 2007

Hello,

I have a application server with about 500,000 users. We are trying to tacle the issue of encryption. We are using MS SQL 2005 and I am sure that symmetric encryption would be the best, due to speed. But heres the kicker.....We want the whole database encrypted at rest, and when clients log onto our ASP to gain access to their programms the data must be in plain text. Any sugesstions?

Thanks,

Corliss

View 10 Replies View Related

SQL 2005 Encryption Questions

Apr 26, 2006

Hello,I have been researching the use of symmetic and asymmetic encryption inSQL 2005 and I am pretty excited to give it a try. Through examples, Ican encrypt the data, but I cant figure out what to do next...What I want:1. our social security field to be encrypted so that only the person(s)that need it can decrypt it.2. prevent DBA's from decrypting the data themselfs3. Simple way to encrypt the data on the table (maybe a trigger?)I thought I would use asymmetric keys, this way I can embed the publickey into my data warehouse process to encrypt the data.I thought I would prompt the user for the private key when the reportruns, that way I wont store the key on the server.This would be a place to start.Someone in the office said that we can store the keys in Activedirectory, so maybe I could make this seemless to the user running thereport?I've found a lot of great articles that got me started, but I amneeding the next stepAny Ideas would be apprecitated!TIARoblinks to articles I have found handy:http://www.databasejournal.com/feat...int.php/3483931http://www.devx.com/dbzone/Article/29232/0/page/3http://www.sqlservercentral.com/col...rintversion.asp

View 4 Replies View Related

Newbie: Sql 2005 Encryption --- Or Where Do I Put That Key?

May 23, 2006

I can encrypt columns in sql 2005 but where do I store the key to decrypt the columns?

I can store the key in the database (or server on which the database resides) but I think that offers little security. I could store the key on another server that the sql server accesses only upon startup (though I don't know exactly how to do that). Or I could store the key on a removable drive that is read (and only needed) when the sql server starts up.

What are your ideas on this matter?



TIA,



barkingdog

View 20 Replies View Related

Issues With SQL 2005 Encryption

Oct 3, 2006

Are there any pitfalls i should look out for when using the encryption in SQL 2005?

View 39 Replies View Related

SQL 2005 Encryption And CPU Performance

Jan 27, 2008



Hello All,

Here is the SQL 2005 encryption environment:

1. Clustered SQL 2005 (enterprise edition) on windows 2003. HP (quad processor) with CPU affinity set to all processors.
2. Table structure where encrypted data will be stored has two varbinary (max) columns to store encrypted data. The columns are varbinary (max) b/c the data size could be more that 8K.
3. Encryption using AES (tried both 128/256) algorithm with symmetric keys.

When inserting data in the columns, CPU is staying at 50% when inserting records. Any ideas why this would be happening. Any suggestions on improving performance is appreciated..

Thanks..

View 7 Replies View Related

Does SQL 2005 Encryption On X64 Work?

Oct 5, 2006

Are there any known issues with EncryptByKey/DecryptByKey on x64 machines?

I have a test script where I create a sample table and encrypt a column and later decrypt it. It works fine on my x86 box. When I run the *exact* same test script on an x64 server I'm getting unprintable characters back on the DecryptByKey. I cannont find anything I'm doing different between the two.

Has anyone seen anything like this before?



View 4 Replies View Related

Enabling Ssl Encryption For SQL 2005

Apr 12, 2008



I have SQL 2005 (v9.0.3042) on Windows Server 2003. The sql server is running under LocalSystem account.

I am trying to enable SSL encryption as described in the article http://support.microsoft.com/kb/316898.
I have logged onto the machine as an administrator when creating a new certificate request in MMC. I have set "Force Encryption" to true on server and restarted the server.

However all my clients (.net code, SQL Server Management Studio) successfully connect to the server without "Encrypt=Yes". I expected to see a ssl error or some kind of error denying connection because the cliend did not request ssl ecnryption.

what am I missing? any help would be greatly appreciated.

thanks

View 8 Replies View Related

SQL 2005 And Encryption Performance Overhead

Jul 9, 2007

Does anyone have any specific performance information using AES or other encryption schemes supported by SQL Server 2005?

- What method did you find works best?

- Did you encrypt any XML Data?

- Did you encrypt specific columns or whole tables?



Thanks,

Michael

View 1 Replies View Related

2005 Encryption - Symmetric Keys

May 29, 2006



Hi There

We have been playing around with encryption in 2005. I cannot find a BOL topic that discusses dropping encryption objects such as keys.

We do the followign steps:

Create master key with password, then we create a certificate using the master key, we then create a symmetric key using this certificate and encrypt data columns.

But what i find worrying is that you can then drop the symmetric key , there are no warnings that you have objects dependant on this key for decryption.

Once you have dropped the key you cannot decrypt the data anymore?

Also the key defults the expiration date to 1 year.

WHat happens after 1 year when you have encrypted data and an expired key, or someone drops the key ? How can you ever decrypt the data after that ?

You can backup master keys nd certificates but not symmetric keys?

It seems to be that youc an very easily orphan encrypted data by the loss of the symmetric key for whatever reason, is this correct ?

Thanx

View 6 Replies View Related

SQL 2005 Encryption - Symmetric Keys

Feb 14, 2007

I have a question about the storage of symmetric keys in SQL Server 2005 due to the fact that I have read two conflicting statements on this.

In Laurentiu's blog located at http://blogs.msdn.com/lcris/archive/2005/10/14/481434.aspx, in regards to preventing symmetric key loss he makes the statement that "...Because the keys are stored in the database, they will be saved with the database....".

But in the white paper Improving Data Security by Using SQL Server 2005, which is located at http://www.microsoft.com/technet/itshowcase/content/sqldatsec.mspx, in regards to symmetric keys the statement is made "...Note: The symmetric key is not stored in the database. Only the encrypted values of the symmetric key are stored in the database. Therefore, users who can access the database cannot decrypt the data without first decrypting the symmetric key....".

So I am just wondering which statement is correct, are symmetric keys stored in the database or not?

Thanks!

Ginny



View 1 Replies View Related

SQL 2005 RS Configuration Tool - Encryption Key Error

Mar 9, 2007

I have SQL 2005, and Reporting Service has been uninstalled and reinstalled,
go through each step of confiugration until Encryption Key, for some reason,
the backup button is grayed out, only "restore" button is clickable, as well
as Delete, but we never backup the key before, so this is really strange
since we do not have backupkey, so we cannot restore.

we tried "Delete", then we got the following error:

ReportServicesConfigUI.WMIProvider.WMIProviderException: The encrypted
value for the "LogonCred" configuration setting cannot be decrypted.
(rsFailedToDecryptConfigInformation)
at
ReportServicesConfigUI.WMIProvider.RSReportServerAdmin.ThrowOnError(ManagementBaseObject mo)
at
ReportServicesConfigUI.WMIProvider.RSReportServerAdmin.DeleteEncryptedInformation()

Browse report manager and reportserver also got the same error, run
rskeymgmt -d, does not help either

Any suggestion?

Thanks
Don

View 10 Replies View Related

SQL 2005 Express And Hard Disk Encryption

Jul 20, 2007

Hi All,



We have here a WinForms Application on laptops that uses SQL Express as its database. Initially all was going well, then it was decided that the laptop Hard Drive should be encrypted. Thats when the fun started.



It is now very hit and miss as to whether we can connect to SQL and service pack 2 will not install.



So now to the question :-



Does anyone know if there are any compatablity issues with SQL 2005 Express and hard disk encryption (particularly BeCrypt).



Thanks



Steve

View 1 Replies View Related

SQL 2005: Symmetric Encryption With Asp.net Page, Login, Username, Password

Nov 29, 2007

I currently have a login page in asp.net 2.0 linked to a SQL 2005 database table that holds the usernames and passwords. At present, I am on an "honor system" where I do have access to the passwords of the other users but would like to change it so that I cannot know what the users' passwords are. Thank goodness that there is no personal information within the pages and the logins were created to keep a log of who logs in and what not. However, I would like to soon hold more personlized information, hence the need to encrypt each user's password even from myself.
I have read up on Symmetric Encryption for SQL 2005 but I would like to know if there is anything else available, any good proven methods that someone else has already tried.
Also, while testing out Symmetric Encryption, I noticed that I have to supply the encryption password for the decryption. However, if I know what the password for the encryption/decription is, does it not defeat the purpose of having the encryption at all, in terms of the "Admin" having access to sensitive information? Just curious if I understood the concept correctly or not.
 Thanks in advance to all.
 
 

View 2 Replies View Related

Encryption In SQL Server

Jul 12, 2001

How do we Encrypt a field values of a table in SQL Server 7.0

Bye
Amar

View 1 Replies View Related

Encryption For Sql Server

Mar 5, 2005

hey ppl..

i am creating a client that can access straight into the sql db using vb.net.

is there a way encrypt the data from the client and the sql server will decrypt the data and visa versa?

View 3 Replies View Related

Sql Server Encryption

May 13, 2006

I'm trying to encrypt a column in my table using

EncryptWithPassPhrase( @PASSPHRASE, @COLUMNDATA)

My Question is, does PASSPHRASE have to be (at least ) as long as the column data? Is there a problem if it is longer>

I'm only storing part of the results, and it looks like the # of characters I'm storing is the length of my passphrase.



Thanks,



Phil

View 4 Replies View Related

SQL Server Encryption

Nov 2, 2007

I am using SQL Server Encryption functions to encrpt the data.I also use that column in my search criteria.
While seaching fro that binary column it is really slow. Its doing index scan on the table. Following are the steps i follow:-

I encrupt the actual value & then search it in the encrypted column in the database.

Any suggestions or experiences please le me know

View 3 Replies View Related

SQL Server Whole DB Encryption

Oct 3, 2007

Hello guys. Here's the scenario. I'm opened to any suggestions. We have thousands of users with laptops running Windows XP SP2. The users login as the Admin of the machine. I know, I know, very bad practice and I totally agree with you. For whatever reason that part has to remained unchanged. In the Laptop we will install an application that will need to work offline so the application will maintain the data using SQL Server 2005 Express. We need to encrypt the whole DB, meaning we need to encrypt the Data File(s) + the Log File(s).

Requirements:
1. We need Stored Procedures (SQL Server 2005 Compact is out of the question).
2. The encryption has to be transparent to the client and Stored Procedures (meaning no column nor table encryption)
3. Whatever method used has to be able to work around the fact the user running is an admin (Windows EFS is out of the question)

Does SQL Server 2005 Standard allow whole DB encryption? How about SQL Express?


We found NetLib Encryptionizer which is exactly what we want, but we do not want to limit our options so we are still looking for other posiblities.

What do you guys recommend?

Thanks...

View 1 Replies View Related

SQL Server Symmetric Encryption

May 6, 2008

 Hi - this is a repost of a question that I originally posted in Security. Ok, I'm very new to this topic.  I'm working on an application that
requires that some information in the db be encrypted and then
decrypted when retrieved.  I have everything set up and it works fine
except for one thing.  I can't seem to be able to pass a parameter into
the sp that is used to decrypt the key.  It only seems to take the
string when typed in.  I really think I'm missing something here.  It
doesn't seem all that great to have your password hard-coded into the
stored procedure.  Maybe I'm just screwing something up?  Anyway, I
can't get it to work if it looks like this:OPEN SYMMETRIC KEY Key_NameDECRYPTION BY PASSWORD =  @pwdThis does work:OPEN SYMMETRIC KEY Key_NameDECRYPTION BY PASSWORD =  'password'This
has to be some goof on my part right?  If the db machine is compromised
you're giving the keys to decrypt the data away as well - they just
haver to open your stored proc.  You should keep them separate imo and
I hope someone can set me straight.  Also, encrypting the stored
procedure is  an option, but it's very easy to decrypt from what I've
read.  Can someone help point me in the right direction?  Thanks!  And thanks to the mod that suggested moving this post.  Any help will be appreciated. 

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved