encryption passphrase hard coded into tableadaper selectcommand , is it safe ? RRS feed

  • Question

  • I have encrypted a few columns in the database file, my application decrypts it with the tableadapter selectcommand , the password is hard coded into this command in order for the datagrid to show the unencrypted columns, any comments on security of this approach , and suggestions on how to improve it ? thanks
    Wednesday, January 14, 2009 5:37 AM

All replies

  •   I am not familiar with tableadapter; but in generally speaking, a hardcoded password in any application is a very bad idea. If a password has been hardcoded, it is relatively trivial to receiver via reverse engineering, and once it is discovered, it can easily be published, affecting all of your customers and pushing you into a support nightmare.

       I would recommend analyzing the threats against the asset you are trying to protect, and based on this analysis decide what is the best approach for mitigating the risk. For example, if you are trying to help your customers protect sensitive business data, one possible solution would be to put the key (or password) in control of the customer.

      In SQL Server 2005 and SQL Server 2008 there is a key hierarchy that may help you to protect data (i.e. using EncryptByKey/DecryptByKey builtins), that use the SQL Server authorization infrastructure in such a way that the DBA can grant access to each one of the keys used by your application to individual or groups.

       On the other hand, if the problem you are trying to solve is a DRM (Digital Rights Management) one, SQL Server does not provide such infrastructure. For more information I would recommend reading other DRM-related threads in this forum.

      I hope this information helps. Please let us know if you have any additional question/feedback.

     -Raul Garcia
       SQL Server Engine

    This posting is provided "AS IS" with no warranties, and confers no rights.
    Wednesday, January 14, 2009 7:49 PM