Post reply

TDE - Database encryption

  • August 20, 2014 at 2:24 am

    #310349

    Hi there - What level of encryption does SQL 2008 R2 TDE encrypt at; 128, 258? Thanks!

    --------------------------------------------

    Laughing in the face of contention...

  • August 20, 2014 at 2:31 am

    #1739495

    Depends on what you set it to.

    From Books Online (http://msdn.microsoft.com/en-us/library/bb934049.aspx)

    To use TDE, follow these steps.

    Create a master key

    Create or obtain a certificate protected by the master key

    Create a database encryption key and protect it by the certificate

    Set the database to use encryption

    As part of creating a database encryption key, you specify what algorithm to use.

    See Books Online: http://msdn.microsoft.com/en-us/library/bb677241.aspx, specifically the WITH ALGORITHM clause.

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass

  • August 20, 2014 at 2:38 am

    #1739499

    Thanks for the link.

    I actually looked at it before creating a Topic.

    I would like to know wheather it is 256 or 128 but the link does not mention it. However, the script at the bottom of the page mentions 128. Can I assume that TDE is 128;

    USE master;

    GO

    CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<UseStrongPasswordHere>';

    go

    CREATE CERTIFICATE MyServerCert WITH SUBJECT = 'My DEK Certificate';

    go

    USE AdventureWorks2012;

    GO

    CREATE DATABASE ENCRYPTION KEY

    WITH ALGORITHM = AES_128

    ENCRYPTION BY SERVER CERTIFICATE MyServerCert;

    GO

    ALTER DATABASE AdventureWorks2012

    SET ENCRYPTION ON;

    GO

    --------------------------------------------

    Laughing in the face of contention...

  • August 20, 2014 at 2:43 am

    #1739502

    arrjay (8/20/2014)

    Can I assume that TDE is 128;

    Only if you set it to use 128. I'll repeat part of my previous post.

    "As part of creating a database encryption key (for TDE), you specify what algorithm to use.

    See Books Online: http://msdn.microsoft.com/en-us/library/bb677241.aspx, specifically the WITH ALGORITHM clause."

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass

  • August 20, 2014 at 2:58 am

    #1739507

    Ok, great. Thanks

    --------------------------------------------

    Laughing in the face of contention...

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply