Verifying Signature Using SQL Server 2005
page 2 of 5
by Xianzhong Zhu
Feedback
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 26954/ 85

Examining SQL Server 2005 Cryptography architecture

SQL Server 2005 implements a framework to help protect encryption keys by using an encryption key hierarchy, as shown in Figure 1.  In this hierarchy each layer encrypts the layers that are below it.

Figure 1 – SQL Server 2005 encryption key hierarchy.

As seen from Figure 5, The Data Protection API (DPAPI) is at the top of this encryption key hierarchy, which in fact is a pair of function calls that provide operating system–level data protection services to user and system processes.  Instances of SQL Server 2005 encrypt their primary keys by the DPAPI service of Windows and then they encrypt the primary key of each database using these primary keys.  Each database's primary key is then used to encrypt the certificates or asymmetric keys inside the database.  Later, the symmetric keys can continue to be encrypted through these certificates and asymmetric keys.  This forms a full key management architecture.

Asymmetric Key

An asymmetric key consists of a private key and the corresponding public key.  Each of these keys can decrypt data that the other keys encrypt.  In SQL Server 2005 the asymmetric keys are public and private key pairs.  The public key does not have a particular format as a certificate would have and the developer cannot export it to a file. 

In SQL Server 2005 a developer can encrypt asymmetric keys by using the following two methods:

1. A user key that is derived from a user-supplied password

2. The Database Master Key

Symmetric Key

A symmetric key is a single key that is used for both encryption and decryption.  The encryption and decryption operations perform quickly with symmetric encryption.  Therefore, symmetric encryption is well suited for encrypting bulk data in SQL Server 2005.

Generally speaking, symmetric encryption is of great efficiency but of less safety, while asymmetric encryption is much more secure but with no efficiency.  We should, therefore, encrypt the key data, such as a symmetric key, with asymmetric encryption policy and then use symmetric key to encrypt large amounts of data.


View Entire Article

User Comments

Title: SQL Course Help   
Name: Christi parks
Date: 2013-01-18 8:20:59 AM
Comment:
I am not a programmer but I have this SQL subject this session and have to prepare for it. What all topics should be covered in it?
And has anyone studied from this course www.wiziq.com/course/125-comprehensive-introduction-to-sql of SQL tutorial online?? or tell me any other guidance...
would really appreciate help
Title: Encrypt/Decrypt password   
Name: Keerthi
Date: 2009-07-13 2:30:05 AM
Comment:
Hi,
Nice Article!

Iam using the same in my application..

but if the user forgot his password then how to Reset/decrypt the password in database. Please help me...
Title: ASP.NET Signature Capture Control   
Name: Online Signatures
Date: 2008-08-25 11:14:39 PM
Comment:
Online Signature Capture ASP.NET Application http:// mysignature. brinkster. net (For ASP.NET 1.1 2.0) is an ASP.NET Web Custom Control that creates an online signature box to capture signature. Users can now Sign Documents Online using mouse as a pen!. Your clients can use this signature box to sign or upload their signature in your web page. Pure .NET code and HTML based, no plugins, activeX required. It is compatible with all browsers and available with full source code @ $19.00 no extra license fees required.






Community Advice: ASP | SQL | XML | Regular Expressions | Windows


©Copyright 1998-2019 ASPAlliance.com  |  Page Processed at 2019-11-21 5:35:54 AM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search