Free Encryption

  • Great posting, excellent stuff!!

    Warren

  • Hi,

    Since we are in the encryption issue, beside encrypting the data in the tables,

    is there any way or tool to encrypt the stored procedures/triggers/function ?

    I am looking for a free one. Please advise as native SQL server 2000 encryption

    can be crack by third-party tool.

    Please advise.

  • I don't know of any free tools.

  • Hi Mike.  Stupid question here.  Where can I find what version for the encryption objects?

  • Sorry to bother you, Mike.  Just found the version in the install/readme.txt.  Funny how that works...

  • Hi Ed,

    No problem.  I also put the version in the DLL files so you can right click and look at the properties for the DLL's to check the version numbers.

    Thanks

  • We have been evaluating your field level encryption tool kit and think it is great.

    We have gotten it working on SQL 2000 SP4, but on a SP3 installation, the AES_UDFTEST.SQL script kicks the following error.

    Disallowed implicit conversion from data type varchar to data type varbinary, table 'tempdb.dbo.#6220154D', column 'Enc_Name'. Use the CONVERT function to run this query.

    We tried using a CONVERT statement, and it resulted in similar errors.

    Any ideas why using the code on an SP3 installation would result in these errors?

     

  • Hmmm.  Were you using this one or the SQL 2000 DBA Toolkit? (http://www.sqlservercentral.com/columnists/mcoles/sql2000dbatoolkitpart1.asp)  I'd recommend the latter, as it has more error handling and uses more robust algorithms.  Try using the CAST (column_name AS VARCHAR(nnn)) syntax to cast the result to the correct type and see if that resolves the issue.

    Thanks.

  • Hi Mike, I have recently installed and ran the package; it works fine for a while and then suddenly I get an error message in Query Analyzer:

    [Microsoft][ODBC SQL Server Driver][DBNETLIB]ConnectionCheckForData (CheckforData()).

    Server: Msg 11, Level 16, State 1, Line 0

    General network error. Check your network documentation.

    Connection Broken

    After this message, I can still run any regular query like "select * from table1", but I can't ran the encrypt/decrypt stuff anymore.

    I am on version 0.9, any ideas why I’m getting this error? Is it related to a memory leak?

    Thank you very much; I really need to get this working.

    Nick

  • Hi Nick,

    I don't know your specifics, but this version was provided as a demonstration w/ source.  The usual problem that causes that issue is supplying bad decryption passwords to the XP's.  I recommend you look here http://www.sqlservercentral.com/columnists/mcoles/sql2000dbatoolkitpart1.asp for the updated version with better error handling than this sample, support for more encryption algorithms, better documentation, and built-in encryption key management.

  • Hi Mike, thanks for the quick reply, actually I was able to narrow down the problem: it always happens when I pass an unencrypted value to the decryption function (I did this accidentally). The problem with this is that it could always happen accidentally in production too, and the SQL server simply stops after this and needs to be restarted. I will check the new version with better error handling.

    Thank you very much; this is a very useful tool.

    Nick

     

  • Hi Nick,

    Yes, this version was an example w/ source of how encryption could be done via XP's.  I didn't include error handling (which I probably should have, in hindsight) to keep the source code from getting too cluttered, for those who wanted to play around with it.  The DBA Toolkit encryption has extensive error handling to prevent problems like the one you encountered, and a lot of other nice features built in.

    Thanks

  • Hi,

    I downloaded the took kit part 1 and installed the DLL and stored procedures. It's a great work.

    I have some questions:

    I am using the encryption through .Net libraries System.Security.Cryptography. But, i would like to encrypt/decrypt content in sql server itself. I think this toolkit will provide a great support on that. But, i am using a key with initialization vector(IV) to encrypt the data in .Net. Let me know how should i include the IV with these DLLs. Is there any updates given to support this???

    Is is possible to include IV thorugh source code update? If so what are the files to be involved in this change??

    Suggestions pls...

     

  • Hi rsomasundar,

    Currently the IV is not implemented in the Toolkit.  The encryption routines all can accept an IV, however, and you can add that option through the source code Steve has posted to the site (it's unmanaged C++).  Because the encryption routines accept an IV, it should be a fairly straightforward addition to the functions that call the encryption routines.  Some other things to consider are that the encryption padding and mode need to be the same.  The Toolkit uses CBC (Cipher-Block Chaining) mode, and FIPS padding (pad with zeroes and append the # of pad characters to the end before encryption).

    Thanks,

    Michael

  • Hi Mike,

    Thanks for kind reply.

    I have verified in VB.Net by default settings are

    Cipher Mode: CBC

    Padding: PKCS7  (adding 03 as padding strings)

    Is there any built-in way set to change Cipher Mode and Padding mode in Toolkit??

    I have downloaded the source.  Let me know what are files to updated for applying this change..

    I am a VB developer. Is there any online reference materials supporting to do thing change??

    I am interest to complete this.. Any suggestion pls..

    Regards 

    rsomasundar

Viewing 15 posts - 91 through 105 (of 153 total)

You must be logged in to reply to this topic. Login to reply