Laurentiu Cristofor's blog @microsoft.com
Current topics: Security, SQL Server, bing
Browse by Tags
All Tags
»
encryption
»
SQL Server
(RSS)
computer security
SQL Server - cryptography
SQL Server - security
SQL Server 2005: How to debug errors in code that does encryption
Encryption builtin functions in SQL Server have no known issues and, if used properly, they will produce the expected results. However, if they are used incorrectly, it can be hard to figure out what exactly is the problem, so in this post I am going
Read More...
SQL Server 2005: A great post by Aaron Morton about using MARS to access opened keys
Aaron Morton has a very interesting post and demo that show how MARS can be used to access keys temporarily opened by a procedure. This is a must-read for anyone that is interested in implementing custom restrictions around the use of encryption keys.
Read More...
SQL Server 2005: Why you should not encrypt data with certificates
I often recommended to only encrypt data in SQL Server using symmetric keys and to reserve the use of asymmetric encryption for protection of symmetric keys and for signing. In this post, I will go in more detail about why asymmetric encryption is not
Read More...
SQL Server 2005: How to determine the size of a column that will hold encrypted data
This issue has been addressed before on forums, but with the heavy traffic, it can be hard to find the proper post. So, I'll provide some explanations here as well. Note: This article is written with symmetric encryption in mind, but the actual technique
Read More...
SQL Server 2005: Restoring the backup of a database that uses encryption
I have addressed this topic in previous threads and comments ( here , here , and here , for example), both on this blog and on various forums, but it looks like when you need the answer, it can be hard to dig out. So I'm hoping that by placing these steps
Read More...
SQL Server 2005: How to recover when the service master key (SMK) is not accessible
I wrote earlier today a reply on this topic on the public forums, but now that I checked, the reply appears to have got lost, although I still entertain the hope it may only have got delayed and will appear there in 24 hours. Anyway, this is the reason
Read More...
SQL Server 2005: A note about the use of certificates
To avoid any confusion, this post is not about the use of certificates for securing the communication between a client machine and the server; instead, this refers to the use of certificates created via the CREATE CERTIFICATE DDL. I am prompted in writing
Read More...
SQL Server 2008: Transparent data encryption feature - a quick overview
I have kept silent on this feature while it was being developed, but as it has now been publicly advertised in various ways (being mentioned here , here , here , and here , for example), I think it is probably time to write a bit about it. Given that
Read More...
SQL Server 2005: About login password hashes
There seem to be a couple of misconceptions around the SQL Server handling of login passwords. Hopefully, by the end of this post, you will have a much clearer idea about what is going on under the covers. Note that this refers to the passwords of logins
Read More...
SQL Server 2005 security presentations at PASS - Pre Conference
If you missed the PASS Pre Conference security presentations, you can now catch up by viewing them online: http://cmcgc.com/Media/WMP/261115/ .
Read More...
Who needs encryption?
For those that read my previous posts, the question in the title may be startling. I want to reassure you from the start: this post is not about encryption being a useless technique; it is just about it not being a solution for certain problems and definitely
Read More...
SQL Server 2005: How to determine what key was used to encrypt a piece of data
Let's say we have some data that is encrypted and we would like to find out what key was used to perform the encryption. SQL Server 2005 knows what key was used to encrypt the data because the key identifier (the key_guid value) is prefixed to the encrypted
Read More...
SQL Server 2005: How to regenerate the same symmetric key in two different databases
In a previous post on using symmetric keys , I mentioned that keys can be recreated using the KEY_SOURCE and IDENTITY_VALUE clauses of CREATE SYMMETRIC KEY. In this post, I'd like to expand a little on this topic and present a small demo as well. Because
Read More...
Why encryption should be salted and a small C# demo
In my previous post on searching encrypted data , I mentioned that the SQL Server 2005 encryption procedures are salted and that this prevents an index on encrypted data from being useful for any type of cleartext searches. Today, I will illustrate why
Read More...
SQL Server 2005: what to do when a decryption error occurs while regenerating or reloading a master key
Decryption errors during the regeneration of a master key are highly unlikely. I've never seen one of these occurring naturally so far (we caused these errors manually for testing), so a discussion on their topic has a slim chance of being useful in practice.
Read More...
More Posts
Next page »
Search
This Blog
Home
About
These posts are provided "AS IS" with no warranties, and confer no rights.
Tags
announcements
basic SQL Server security concepts
bing
computer security
encryption
Microsoft products
search engines
software engineering
SQL Server
SQL Server - cryptography
SQL Server - general
SQL Server - security
Archives
December 2009 (1)
October 2009 (3)
August 2009 (2)
July 2009 (1)
June 2009 (1)
August 2008 (2)
June 2008 (1)
May 2008 (1)
April 2008 (1)
March 2008 (1)
February 2008 (5)
January 2008 (4)
November 2007 (2)
October 2007 (4)
September 2007 (3)
July 2007 (1)
April 2007 (2)
March 2007 (1)
February 2007 (2)
December 2006 (1)
November 2006 (1)
October 2006 (3)
July 2006 (2)
May 2006 (1)
April 2006 (2)
March 2006 (2)
January 2006 (1)
December 2005 (5)
October 2005 (3)
September 2005 (5)
July 2005 (1)
June 2005 (4)
Security related links
NSA Security Configuration Guides
Bruce Schneier's blog
Bruce Schneier's Crypto-Gram newsletter
RISKS Digest
Software engineering links
Motley says
SQL Server security links
Raul Garcia's blog (SQL Server Security)
SQL Server Security Team blog
SQL Server Security forum on MSDN
SQL Injection Watch List
Useful Microsoft links
Product Feedback site
Microsoft Technical Forums
Security Vulnerabilities reporting site
Security Development Lifecycle blog
Secure Windows Initiative blog
Microsoft Security Advisories
Syndication
RSS 2.0
Atom 1.0
