Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
Author |
Topic |
winman
Starting Member
26 Posts |
Posted - 2013-02-09 : 04:31:32
|
I was serching about encryption in SQL and got one nice article.(http://blog.sqlauthority.com/2009/04/28/sql-server-introduction-to-sql-server-encryption-and-symmetric-key-encryption-tutorial-with-script/#comment-419795).In this article the Symmetric Key and Triple DES encryption is used.But if i go to SSMS then i can see 'EncryptTestCert'(certificate used in this article) can be easily found in certificate folder and 'TestTable'(symmetric key) can be found in symmetric keys folder in SSMS under that database. So anyone who can login to SSMS can easily decrypt database by using it. So how it can be prevented? Also any other methods? |
|
chadmat
The Chadinator
1974 Posts |
Posted - 2013-03-09 : 18:43:03
|
From BOL:The caller must have some permission on the key and must not have been denied VIEW DEFINITION permission on the key. Additional requirements vary, depending on the decryption mechanism:•DECRYPTION BY CERTIFICATE: CONTROL permission on the certificate and knowledge of the password that encrypts its private key.•DECRYPTION BY ASYMMETRIC KEY: CONTROL permission on the asymmetric key and knowledge of the password that encrypts its private key.•DECRYPTION BY PASSWORD: knowledge of one of the passwords that is used to encrypt the symmetric key.-Chad |
|
|
|
|
|