Why encrypt DEK by Asymmetric Key or Certificate, instead of Database Master Key in TDE?

  • Question

  • Below is the recommended hierarchy for Transparent Data Encryption I found here (MS DOC):

    DPAPI -> Service Master Key -> DMK -> Certificate (or Asymmetric Key) -> Database Encryption Key (DEK, a Symmetric Key) -> Data

    I want to know why it uses a Certificate to protect the DEK, instead of using the DMK to protect the DEK directly. Or, asked from another angle, why is encrypting with an Asymmetric Key more secure than with a Symmetric Key?

    The two main answers I found from Google are:

    1. The algorithm (RSA) used for encrypting with an Asymmetric Key is more complex than the algorithm (AES) that a Symmetric Key uses. The length of an AK is longer than that of an SK.

    2. A Symmetric Key only has one key vs. an AK which has 2 keys. The same key has to be handed over to the party who needs to decrypt the database if an SK is used to encrypt the database.

    I am not quite convinced by these 2 answers, because:

    a. If the algorithm or key length is a concern for encrypting with an SK vs. an AK, then I think encrypting with a password is more of a concern. It is because the algorithm used for encrypting with a PW is the least secure and a PW is much shorter than an SK/AK. A PW is mandatory when creating the DMK, plus any AK/SK can be created with a PW.

    So, any key created with a PW becomes the weakest link along the encryption chain; it doesn't matter whether the DMK or an AK protects the DEK.

     

    b. When moving a database from one server to another, the private key of the certificate should be exported and encrypted by a PW. So why not encrypt the database with a symmetric key, and just export the SK protected with a PW? Same as moving a database with a PW-protected private-key file: as long as you know the PW for the SK file, you can move databases. I think the essential here is the PW, not the key; as long as you know the PW, you can get the key and move the database, and it doesn't matter whether the key is an SK or an AK. From a cryptography point of view, I don't think figuring out a PW is more difficult than figuring out an SK.

    So handing over a key is less of a concern, as long as it's protected by a PW. If the PW is exposed, the SK or AK is exposed too, no matter which it is.

    Is my understanding right? Thanks for your response.


    Friday, September 14, 2018 2:01 AM
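    The chain the question describes, written out as T-SQL. This is an added example, not code from the thread or from Microsoft's documentation; the names (TdeServerCert, SalesDb), file paths and passwords are assumed placeholders. It builds each level (DMK in master, certificate under the DMK, DEK under the certificate), exports the certificate and its password-protected private key, which is the artefact that has to travel with the database, and finishes with a query that shows which protector type and algorithm the DEK actually has.

```sql
-- Added example (not from the thread): build the TDE key chain, export the
-- certificate so the database can move, and verify the result.
-- TdeServerCert, SalesDb, the file paths and the passwords are placeholders.

USE master;
GO
-- DMK in master: encrypted by the password given here and, by default, also by
-- the Service Master Key, so the server can open it at startup without the password.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<dmk-password-placeholder>';
GO
-- Certificate whose private key is protected by the DMK; this is the level
-- that sits between the DMK and the DEK.
CREATE CERTIFICATE TdeServerCert WITH SUBJECT = 'TDE protector for SalesDb';
GO
-- Export certificate + private key. The .pvk is encrypted by the password
-- given here; this file pair plus the password is what moves with the database.
BACKUP CERTIFICATE TdeServerCert
    TO FILE = 'C:\keys\TdeServerCert.cer'
    WITH PRIVATE KEY (
        FILE = 'C:\keys\TdeServerCert.pvk',
        ENCRYPTION BY PASSWORD = '<pvk-password-placeholder>');
GO

USE SalesDb;
GO
-- DEK: an AES-256 symmetric key stored in the user database and encrypted by
-- the server certificate (the syntax offers no "BY MASTER KEY" option here).
CREATE DATABASE ENCRYPTION KEY
    WITH ALGORITHM = AES_256
    ENCRYPTION BY SERVER CERTIFICATE TdeServerCert;
GO
ALTER DATABASE SalesDb SET ENCRYPTION ON;
GO

-- Verify: protector type and algorithm of the DEK, encryption progress, and how
-- the certificate's private key is protected in master.
SELECT DB_NAME(k.database_id)          AS database_name,
       k.encryption_state,                -- 3 = encrypted, 2 = in progress
       k.key_algorithm,
       k.key_length,
       k.encryptor_type,                  -- CERTIFICATE or ASYMMETRIC KEY
       c.name                             AS certificate_name,
       c.pvt_key_encryption_type_desc     -- expect ENCRYPTED_BY_MASTER_KEY
FROM sys.dm_database_encryption_keys AS k
LEFT JOIN master.sys.certificates     AS c
       ON c.thumbprint = k.encryptor_thumbprint;

-- On the destination server (after creating its own DMK), import the same
-- certificate before restoring SalesDb; the .pvk password is the gate here.
-- CREATE CERTIFICATE TdeServerCert
--     FROM FILE = 'C:\keys\TdeServerCert.cer'
--     WITH PRIVATE KEY (FILE = 'C:\keys\TdeServerCert.pvk',
--                       DECRYPTION BY PASSWORD = '<pvk-password-placeholder>');
```

    The verification query is the practical check: the DEK row reports only CERTIFICATE or ASYMMETRIC KEY as its encryptor, and the certificate row shows whether its private key is under the DMK or under a password, which is exactly where the password the question worries about sits in this chain.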

All replies

  • I want to know why it uses a Certificate to protect the DEK, instead of using the DMK to protect the DEK directly

    DEK is a symmetric key and it has got to be protected/secured by something at its upper level and that's where the certificate in the master database comes into the picture. If you use an Enterprise Key Manager from any vendor, then the DEK is an Asymmetric key which is protected by the Enterprise Key Manager. 

    Bottom line is, every key at each level is protected by something at one level above it. 

    To answer your question, as I mentioned, a DEK is a symmetric key and the immediate level above it is either a certificate, an Asymmetric key or an Enterprise Key Manager. The DMK protects the level below it, i.e. the certificate, Asymmetric key etc., and doesn't directly interact with the DEK, which falls after the certificate level. Hence, there is a level between the DMK and the DEK.

    DMK protects the keys that in turn protect the symmetric keys which in turn protect the data. 


    Please remember to click "Mark as Answer" if my response answered your question or click "Vote as helpful" if it helped you in any way.

    Friday, September 14, 2018 4:00 AM
  • I know what the hierarchy looks like and that the keys protect one level below. The question I raised in the thread is to challenge the design of this hierarchy.

    • Edited by PhotoHiker Friday, September 14, 2018 2:11 PM
    Friday, September 14, 2018 2:09 PM
  • You may be interested (and amused) by reading this article, which is a critique of TDE: The Anatomy and (In)Security of Microsoft SQL Server Transparent Data Encryption (TDE), or How to Break TDE.

    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se

    • Proposed as answer by Teige Gao Monday, September 17, 2018 8:39 AM
    • Marked as answer by PhotoHiker Monday, September 17, 2018 1:49 PM
    Friday, September 14, 2018 3:51 PM