Encryption

  • Comments posted to this topic are about the item Encryption

  • Check out this links...

    http://msmvps.com/blogs/gladchenko/archive/2005/04/06/41083.aspx

    http://www.sqlservercentral.com/articles/Security/saveyourpassword/1420/

    this undocumented function is available since SQLServer 7

    so... what you think?

  • In SQL Server 2005, column-level (sometimes called cell-level) encryption became available. Now, encryption could occur within the database, but it was not easy to use, offered poor performance, and it required a re-architecture of the application, along with changes to the database schema. Even with these downsides, column-level encryption offered some advantages: such as granular security; data is encrypted in memory and disk; and explicit key management, which allows different users to protect their own data using their own keys, even preventing the DBA from seeing a user’s data. Even so, the disadvantages were so great that only the most sensitive columns of a table were generally encrypted, which meant that much of the data in a database was still left unencrypted

  • Ric Sierra (3/22/2010)


    Check out this links...

    http://msmvps.com/blogs/gladchenko/archive/2005/04/06/41083.aspx

    http://www.sqlservercentral.com/articles/Security/saveyourpassword/1420/

    this undocumented function is available since SQLServer 7

    so... what you think?

    Thank you! I love undocumented. I learned something new! πŸ™‚

  • Ric Sierra (3/22/2010)


    this undocumented function is available since SQLServer 7

    PWDENCRYPT is a hash function, which means it's a one-way function. Once hashed, data cannot be restored. With cell-level encryption, data can be both encrypted and decrypted.

  • Carlo Romagnano (3/23/2010)


    Thank you! I love undocumented.

    I'm afraid you'll be disappointed in this function since it became documented (and obsolete at the same time) in SQL Server 2008 πŸ™‚ http://msdn.microsoft.com/en-us/library/dd822791.aspx

  • If SQL 2008 was part of the choices, my guess would have been wrong as I decided to choose the newest of the three.

  • Open Minded (3/23/2010)


    If SQL 2008 was part of the choices, my guess would have been wrong as I decided to choose the newest of the three.

    Yeah, same...

    Peter Trast
    Microsoft Certified ...(insert many literal strings here)
    Microsoft Design Architect with Alexander Open Systems

  • Not to be too picky but if cell level encryption was available since SQLServer 7 wouldn't SQLServer 7 have been the correct answer? Even if it was undocumented and poorly performing, it was still technically available, correct?

  • Me too.

    Tom Garth
    Vertical Solutions[/url]

    "There are three kinds of men. The one that learns by reading. The few who learn by observation. The rest of them have to pee on the electric fence for themselves." -- Will Rogers
  • Kenneth Wymore (3/23/2010)


    Not to be too picky but if cell level encryption was available since SQLServer 7 wouldn't SQLServer 7 have been the correct answer? Even if it was undocumented and poorly performing, it was still technically available, correct?

    Though that hash function was available, it provided no means to be able to retrieve the data unencrypted and is still somewhat different than the feature at the premise of the question.

    Jason...AKA CirqueDeSQLeil
    _______________________________________________
    I have given a name to my pain...MCM SQL Server, MVP
    SQL RNNR
    Posting Performance Based Questions - Gail Shaw[/url]
    Learn Extended Events

  • Nice Question. It was good to have this question and discussion.

    Jason...AKA CirqueDeSQLeil
    _______________________________________________
    I have given a name to my pain...MCM SQL Server, MVP
    SQL RNNR
    Posting Performance Based Questions - Gail Shaw[/url]
    Learn Extended Events

  • vk-kirov (3/23/2010)


    Ric Sierra (3/22/2010)


    this undocumented function is available since SQLServer 7

    PWDENCRYPT is a hash function, which means it's a one-way function. Once hashed, data cannot be restored. With cell-level encryption, data can be both encrypted and decrypted.

    Is a semantic issue. The question is open, looking for the SQL Server version where Encryption (call as you wish: Hash function, two way encryption, masking, obfuscating, base64) can be done.

  • Complete guess, but correct. Thanks for the question.

  • Thanks for the explanation! Makes more sense now.

Viewing 15 posts - 1 through 15 (of 18 total)

You must be logged in to reply to this topic. Login to reply