Browse by Tags

Tagged Content List
  • Blog Post: SQL Application Column Encryption Sample (Codeplex) available

    To achieve many compliance guidelines on Azure SQL Database, the application needs to encrypt the data. The intent of this article is provide some guidelines and an example library for encrypting data at rest for relational databases. We just published the source code for a library at “SQL Application...
  • Blog Post: Integrity checks with EncryptByKey

    This article is a follow up to “Prevent Tampering of Encrypted Data Using @add_authenticator Argument for ENCRYPTBYKEY” . In the last article we described a scenario where the security risk of copying encrypted data from one row to another could be blocked, but there are other scenarios that...
  • Blog Post: Revisiting the RC4 / RC4_128 Cipher

    The implementation of RC4/RC4_128 in SQL Server does not salt the key and this severely weakens the security of data that is encrypted using the RC4/RC4_128 algorithm. In cryptography, an initialization vector (IV) is a fixed size input to a cryptographic algorithm that is typically required to be...
  • Blog Post: How To: Share a Single EKM Credential among Multiple Users

    SQL Server Extensible Key Management (EKM) requires the authentication information (user/password) to be stored in a credential mapped to the primary identity. This version of EKM cannot be used under an impersonated context; that is, you cannot access the EKM while running a module with the EXECUTE...
  • Blog Post: SQL Server EncryptByKey cryptographic message description

    Since the introduction of SQL Server 2008 extensible key management (EKM), new opportunities may arise to handle data encryption on the client while still making the plaintext data accessible to authorized users in SQL Server. One issue between SQL Server and third party clients has been already discussed...
  • Blog Post: SQL Server 2005 Encryption – Encryption and data length limitations (feedback page)

    We have received some feedback regarding the “SQL Server 2005 Encryption – Encryption and data length limitations” article, but unfortunately the owner of this blog is no longer a member of our team and we really don’t have access to it in order to answer to your feedback properly. I would like...
  • Blog Post: OPEN SYMMETRIC KEY scope in SQL Server

    Recently I have heard a few questions regarding the scope of the SYMMETRIC KEY key-ring, especially when using modules (i.e. stored procedures) to open a key. One particular topic that got my attention is the impression that the OPEN SYMMETRIC KEY call may “leak outside the module” (i.e. the key will...
Page 1 of 1 (7 items)