encryption and decryption issue.

Question

Hi friends,

i am facing one critical issue with encryption functionality. please help me on this.

i amn't getting any error but the problem is with wrong data.

please find below details for more clear.

When an amount of 2222 is entered, it is expected that after encryption and then decryption same value should be returned. However, a singe digit number 7 is returned which is incorrect.

Thanks in Advance!!!

---

mastanvali shaik

Answer 1

Can you provide us with sample data  for testing?

---

Best Regards,Uri Dimant SQL Server MVP, http://sqlblog.com/blogs/uri_dimant/

MS SQL optimization: MS SQL Development and Optimization
MS SQL Consulting: Large scale of database and data cleansing
Remote DBA Services: Improves MS SQL Database Performance
SQL Server Integration Services: Business Intelligence

Answer 2

for example i have one column with column name ABC, it is encrypted column.

if the value of ABC is 1234 ,using decryption script i am able to read the same value 1234 in column ABC.

but if i give ABC value is 3333, using decryption script i am getting output value is  11 for column ABC.

column _name	original_value	getting value after encryption
ABC	1234	1234	here working fine encryption functionalities
ABC	3456	3456
ABC	2222	7	problem here only
ABC	3333	11

---

mastanvali shaik

Answer 3

And how do you decrypt & encrypt the data?

---

Olaf Helper

[ Blog] [ Xing] [ MVP]

Answer 4

i am using sql script to encrypt & decrypt data.if required i will share those scripts.

---

mastanvali shaik

Answer 5

i am using sql script to encrypt & decrypt data.if required i will share those scripts.

---

mastanvali shaik

I am not aware about any script to encrypt data its done via symmetric keys and if for whle column.  I am very much interested to see how this is done from your side. Have you enabled TDE for database ?

---

Cheers,

Shashank

Please mark this reply as answer if it solved your issue or vote as helpful if it helped so that other forum members can benefit from it

My TechNet Wiki Articles
MVP

Answer 6

i mean (sql script) to say creating symmetric keys,certificate using sql script. TDE enabled and since yesterday i am facing this issue before it's working fine.

---

mastanvali shaik

Answer 7

Hi, Could you check you following the way which is provided with this link 

Regards, Vijay

Answer 8

Could you post the encryption/decryption script? Anyway i am sensing a pattern there as it only affect "1111" type of data. How about 4444? Also,it doesn't seem like has anything to do with TDE, it does look like they are using some script to "calculate" the data.

Answer 9

TDE has nothing to do with this, it happens at a lower level (close to storage) and is "transparent" to components higher up the stack.

Please share the scripts used to encrypt/decrypt. Also, please clarify what is the original cleartext value, what is the encrypted text value then what is the decrypted text value. Your current description isn't clear which is what.

---

No great genius has ever existed without some touch of madness. - Aristotle

Answer 10

     OPEN SYMMETRIC KEY KEYNAME
   DECRYPTION BY CERTIFICATE CERTIFICATE NAME;
SELECT 
    CONVERT(DECIMAL, DecryptByKey(COLUMN NAME1)) 
    AS 'COLUMN NAME1',
     
       CONVERT(DECIMAL, DecryptByKey(COLUMN NAME2)) 
       AS 'COLUMN NAME2',

          CONVERT(DECIMAL, DecryptByKey(COLUMN NAME3)) 
       AS 'COLUMN NAME3'


    FROM TABLENAME

if i entered value 12345 for COLUMN NAME from application( front end), i need to get same value from database using decrypt script also but by using above script i am getting values 15,11,13 like default values.

---

mastanvali shaik

Answer 11

please provide complete script for us to reproduce the issue.

---

Balmukund Lakhani
Please mark solved if I've answered your question, vote for it as helpful to help other users find a solution quicker
--------------------------------------------------------------------------------
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------------------------------------------------------------------
My Blog | Team Blog | @Twitter | Facebook
Author: SQL Server 2012 AlwaysOn - Paperback, Kindle

Answer 12

i am using above mentioned script to read the data from database for encrypted columns.

---

mastanvali shaik

Answer 13

Still don't have a clear picture of what you're doing. You're mixing general terms with object names and actual data. Let's start from the bottom. We need the actual TSQL scripts for:

1. Creating the table - please provide

2. Inserting or updating data that will be encrypted  - please provide

3. Selecting and decrypting data that is already encrypted - already provided earlier but if you include in your response, it'll be easier for everyone to read the whole thing in one post

Thanks.

---

No great genius has ever existed without some touch of madness. - Aristotle

Answer 14

hi ,

i tried below to explain what i am doing and issue. please go through below description and let me know if anything required.

STEP 1:

create table abc

(

column1 varbinary(2000),

column2 varbinary(2000),

column3 varbinary(2000),

column4 varbinary(2000)

)

STEP 2:

insert into abc values (12345,4567,3333,3217)

go

insert into abc values (5432,4444,2136,9765)

go

insert into abc values (2222,6547,3459,4521)

output must be like below if table doesn't have encryption functionality

select * from abc

tablename         column1    column2       column3        column4

abc                    12345        4567              3333         3217

abc                    5432           4444             2136          9765

abc                    2222           6547            3459           4521

step 3:

CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password' 

CREATE CERTIFICATE certificatename

WITH SUBJECT = 'certificate'

CREATE SYMMETRIC KEY keyname

WITH ALGORITHM = AES_256

ENCRYPTION BY CERTIFICATE certificatename;

--below mentioned procedure encrypt the table

STEP 4:

--Encryption process:

create procedure procedurename

as

  OPEN SYMMETRIC KEY keyname

  DECRYPTION BY CERTIFICATE certificatename;

  UPDATE abc

  SET column1 = EncryptByKey(Key_GUID('keyname'), cast(column1 as varchar))

 , column2= EncryptByKey(Key_GUID('keyname'), cast(column2 as varchar))

   ,column3 = EncryptByKey(Key_GUID('keyname'), cast(column3 as varchar))

   , column4= EncryptByKey(Key_GUID('keyname'), cast(column4 as varchar))

    from abc

 

STEP 5:

--Decryption process: this script i am using to read data from table 

OPEN SYMMETRIC KEY keyname

DECRYPTION BY CERTIFICATE certificatename;

SELECT

column,

       CONVERT(DECIMAL(18),DecryptByKey((column1))

       AS 'column1',

 

       CONVERT(DECIMAL(18),DecryptByKey((column2))

       AS'column2',

CONVERT(DECIMAL(18),DecryptByKey((column3))

       AS'column3',

             CONVERT(DECIMAL(18),DecryptByKey((column4))

             AS'column4'

       FROM abc

output must be like same as insert values by me above STEP 2 after decryption.

actuval o/p must be like this:

tablename       column1    column2    column3         column4

abc                    12345       4567        3333             3217

abc                     5432        4444          2136               9765

abc                     2222         6547         3459               4521

but i am getting below output for consecutive numbers

tablename        column1  column2        column3       column4

abc                   12345       4567             11                 3217

abc                    5432           7               2136               9765

abc                     5             6547             3459               4521

Thanks in advance!!!

 

---

mastanvali shaik

Answer 15

Hi,

please help me if any one have any idea about encryption.

---

mastanvali shaik

Answer 16

Mastanvali, have you made any progress with this?

Thanks!

---

Ed Price, Azure Development Customer Program Manager (Blog, Small Basic, Wiki Ninjas, Wiki)

Answer an interesting question? Create a wiki article about it!