Encrypting a column

  • We collect sensitive data like SSN or CC# and would like an easy way to encrypt those columns. Anyone already doing this? Any advice would be greatly appreciated...

  • We use a standard DES algorithm that is wrapped up in a DLL.

    You can download one off the net.

    The DLL looks at a registry key value to get the seed value for the DES algorithm.  In the past we have used a value in a file to which the DLL has permissions but general users have not.

    Without the correct seed value the passwords cannot be cracked (apparently).

  • Yes, I do this now.  I have the Code in VB.NET if you'd like it.

  • xp_crypt is the s/w we use; it is easy and cheap (compared with others). But it has no key management or audit functions.

  • You could use the undocumented function pwdencrypt()

     

    input data type sysname (or varchar)

    output type is varbinary

  • Here are my 2 cents.

    If you really want to secure the SSN or CC#, you have to do it from the application side, and that will prevent "snipping" between the app and SQL Server.

    If you don't think that is important, you can do it from the SQL side, and Pwdencrypt() is a really good one, but I think that is a one-way hash, so you won't be able to decrypt it and use it for things like rebilling the invoice for a CC. You can certainly compare by using PWDCOMPARE(), though.

    I am using AspEncrypt (http://www.aspencrypt.com/), and it supports a maximum of 128-bit RC2 keys. If you want, you can use the extended stored procedure sp_OACreate to encrypt and decrypt from the SQL side, but like I said above, we do it all from the application side.

     

  • Our company is using the MD5 algorithm. You can insert the SSN into an application and you get a 128-bit "fingerprint" or "message digest" of the input.


    -Lars

    Please only reply to this newsgroup. All mails would be bounced back.
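
The thread separates two needs: a value the application can decrypt again (rebilling a card) and a value that can only be compared. The sketch below is an added example, not code from any poster or product named above; it goes beyond the specific tools in the thread by using AES-256-GCM for the reversible column and a keyed HMAC-SHA-256 tag for equality matching, both from the Go standard library. The function names, the column names and the sample values are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

func NewFieldCipher(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // 32-byte key = AES-256; key stays in the app
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptField returns nonce||ciphertext||tag; the column name is bound as associated data.
func EncryptField(a cipher.AEAD, column, plaintext string) ([]byte, error) {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return a.Seal(nonce, nonce, []byte(plaintext), []byte(column)), nil
}

// DecryptField reverses EncryptField and rejects tampered or misplaced values.
func DecryptField(a cipher.AEAD, column string, stored []byte) (string, error) {
	n := a.NonceSize()
	if len(stored) < n {
		return "", fmt.Errorf("stored value too short: %d bytes", len(stored))
	}
	pt, err := a.Open(nil, stored[:n], stored[n:], []byte(column))
	return string(pt), err
}

// LookupTag is a keyed, deterministic tag for equality matching; it cannot be decrypted.
func LookupTag(macKey []byte, column, value string) []byte {
	mac := hmac.New(sha256.New, macKey)
	mac.Write([]byte(column + "\x00" + value))
	return mac.Sum(nil)
}

func main() {
	a, _ := NewFieldCipher(make([]byte, 32))       // constructed all-zero demo key only
	ct, _ := EncryptField(a, "ssn", "000-00-0000") // constructed sample value
	fmt.Printf("stored=%x tag=%x\n", ct, LookupTag([]byte("constructed-demo-mac-key"), "ssn", "000-00-0000"))
}
```

The encrypted bytes fit a varbinary column, and the lookup tag goes in a second column when the application needs to find a row by SSN without decrypting every row.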
