This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

[SQLServer2005] I don't have a database master key, I still can create a symmetric key. Why?

Question
0

Sign in to vote

When I don't have master key for AdventureWorks, I still can do this:

CREATE SYMMETRIC KEY Test

WITH ALGORITHM = DES

ENCRYPTION BY PASSWORD = 'abc123.';

What if I create a symmetric key without database master key?

I read MSDN but it doesn't say about this.

Saturday, November 13, 2010 7:55 AM

Answers

0

Sign in to vote
The SQL Server Books Online (http://msdn.microsoft.com/en-us/library/ms188357.aspx) says: "when a symmetric key is encrypted with a password instead of the public key of the database master key, the TRIPLE DES encryption algorithm is used." So the database master key does not come into play here. The database master key would be needed indirectly if you instead protected the symmetric key with an asymmetric key or certificate that was encrypted with the database master key.
Dan Guzman, SQL Server MVP, http://weblogs.sqlteam.com/dang/
- Proposed as answer by Raul Garcia - MSMicrosoft employee Tuesday, November 16, 2010 3:24 AM
- Marked as answer by Emerald214 Tuesday, November 16, 2010 7:16 PM
Saturday, November 13, 2010 7:25 PM