Windows Azure Platform Developer Center >
Azure Forums
>
SQL Azure — Getting Started
>
Encrypt/Decrypt functions not available?
Encrypt/Decrypt functions not available?
- Hi,
I was wondering when theENCRYPTBYPASSPHRASE / DECRYPTBYPASSPHRASE would be made available for SQL Azure. Other than building the encryption functions in the gui, are there any other functions that will do simple encryption on Azure?
Thanks,
-m
Answers
- Hello,
HASHBYTES ( http://msdn.microsoft.com/en-us/library/ms174415.aspx ) is available and I am having no issues using it.
Well, it is a one-way encryption function using either of MD2 | MD4 | MD5 | SHA | SHA1 algorythms.
Since I see you are going to use it to encrypt a passphrase, you can also use this HashBytes. I prefer it since it uses one-way hashing algorythms, so there is no way to get back the encrypted data even if you have the hash (well, OK I kwno about the roumors that MD5 is no longer considered as one-way and someone somewhere discovered a method to get back the initially encrypted data). The usage is as simple as:
... AND
HASHBYTES('sha1',@uPwd) = U.Password
You can also have some random generated SALT to append to the raw password provided in @uPwd parameter, and have this salt stored in another place. It's just how secure you want your system to be.- Marked As Answer byEvan BasalikMSFT, ModeratorWednesday, November 04, 2009 6:14 PM
- Proposed As Answer byAnton Staykov Tuesday, November 03, 2009 10:06 PM
All Replies
- Hello,
HASHBYTES ( http://msdn.microsoft.com/en-us/library/ms174415.aspx ) is available and I am having no issues using it.
Well, it is a one-way encryption function using either of MD2 | MD4 | MD5 | SHA | SHA1 algorythms.
Since I see you are going to use it to encrypt a passphrase, you can also use this HashBytes. I prefer it since it uses one-way hashing algorythms, so there is no way to get back the encrypted data even if you have the hash (well, OK I kwno about the roumors that MD5 is no longer considered as one-way and someone somewhere discovered a method to get back the initially encrypted data). The usage is as simple as:
... AND
HASHBYTES('sha1',@uPwd) = U.Password
You can also have some random generated SALT to append to the raw password provided in @uPwd parameter, and have this salt stored in another place. It's just how secure you want your system to be.- Marked As Answer byEvan BasalikMSFT, ModeratorWednesday, November 04, 2009 6:14 PM
- Proposed As Answer byAnton Staykov Tuesday, November 03, 2009 10:06 PM
- Thanks Anton! I will give that a shot and see how it works. That should be perfect.
-m
