SQL Encryption Overview
These days I'm working on SQL encryption, and would like to post the best guidelines for it:
1. Choose between symmetric and asymmetric encryption, based on the security of key distribution.
Symmetric encryption algorithms are historically computationally fast, which makes them a good choice when encrypting large amounts of data or when key distribution is not a concern.
2. Protect both "data in motion" (transferred data), by selecting the right protocol, and "data at rest" (stored data).
3. Choose between database-level and row/column-level encryption.
Database-level encryption encrypts the whole data file, and each database operation requires data decryption, which hinders performance for big databases.
4. Prefer to create certificates rather than use pass-phrases or keys.
It simplifies key management, and you don't need to use your password or pass-phrase in each stored procedure.
5. Generate your keys with the most advanced algorithms (AES for symmetric keys, for example, but it requires Win2k3 and above).
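As an added illustration of guidelines 3 to 5 (not code from the original post), the T-SQL below encrypts a single column with an AES symmetric key that is protected by a certificate, so the stored procedure contains no secret. The object names (DemoCert, DemoKey, dbo.Customer, dbo.AddCustomer) are hypothetical, and the password and pass-phrase are placeholders.

```sql
-- Added example; all object names are hypothetical, secrets are placeholders.

-- One-time setup: the database master key protects the certificate's private key.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<strong-password-placeholder>';

CREATE CERTIFICATE DemoCert
    WITH SUBJECT = 'Protects the column encryption key';

-- Guideline 5: AES algorithm. Guideline 4: key protected by a certificate.
CREATE SYMMETRIC KEY DemoKey
    WITH ALGORITHM = AES_256
    ENCRYPTION BY CERTIFICATE DemoCert;
GO

-- Guideline 3: column-level encryption, only the sensitive column is ciphertext.
CREATE TABLE dbo.Customer (
    CustomerId int IDENTITY PRIMARY KEY,
    Name       nvarchar(100)  NOT NULL,
    CardNumber varbinary(256) NULL      -- output of EncryptByKey
);
GO

-- The procedure opens the key through the certificate: no password in the code.
CREATE PROCEDURE dbo.AddCustomer
    @Name nvarchar(100),
    @CardNumber nvarchar(25)
AS
BEGIN
    OPEN SYMMETRIC KEY DemoKey DECRYPTION BY CERTIFICATE DemoCert;
    INSERT INTO dbo.Customer (Name, CardNumber)
    VALUES (@Name, EncryptByKey(Key_GUID('DemoKey'), @CardNumber));
    CLOSE SYMMETRIC KEY DemoKey;
END;
GO

EXEC dbo.AddCustomer @Name = N'Constructed Sample', @CardNumber = N'0000-0000-0000-0000';

-- Reading back: DecryptByKey returns varbinary, so convert to the original type.
OPEN SYMMETRIC KEY DemoKey DECRYPTION BY CERTIFICATE DemoCert;
SELECT Name, CONVERT(nvarchar(25), DecryptByKey(CardNumber)) AS CardNumber
FROM dbo.Customer;
CLOSE SYMMETRIC KEY DemoKey;

-- For contrast, the pass-phrase approach: the secret must appear in every call.
SELECT CONVERT(nvarchar(25),
       DecryptByPassPhrase('<pass-phrase-placeholder>',
           EncryptByPassPhrase('<pass-phrase-placeholder>', N'constructed value')));
```

Access to the plaintext is then controlled by permissions on the certificate and key rather than by knowledge of a shared secret.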
Resources:
- http://aspnet.4guysfromrolla.com/articles/021407-1.aspx
- http://aspnet.4guysfromrolla.com/articles/022107-1.aspx
- http://www.sqlservercentral.com/articles/SQL+Server+2005+-+Security/sql2005symmetricencryption/2291/