The CREATE SYMMETRIC KEY statement in MS SQL 2005 allows for session temporary keys to be created by prefixing the name with ‘#’, the same as session temporary tables. After I read this I spent a couple of days wondering why this would be useful; after all, the EncryptByPassPhrase function is there and does a similar sort of thing.
Then, while looking around to find what algorithm EncryptByPassPhrase uses (it's Triple DES, thanks to Dan Sullivan), it clicked. Triple DES is not the strongest thing around, so by using the KEY_SOURCE clause of CREATE SYMMETRIC KEY you can specify your own key, keep it out of the DB, and choose from any of the (potentially stronger) symmetric algorithms: DES, Triple DES, RC2, RC4, DESX, AES 128, AES 192 and AES 256.
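An added example (not part of the original post) of the approach described above: a session-temporary AES 256 key built from a caller-supplied KEY_SOURCE, used to encrypt and decrypt, then dropped and recreated to show the ciphertext stays readable. The key name, phrases, password and plaintext are constructed placeholders, and the IDENTITY_VALUE clause is added on the assumption that the data must be decryptable in a later session.

```sql
-- All names and secret values below are constructed placeholders.
-- The '#' prefix makes the key temporary: it exists only for this session.
CREATE SYMMETRIC KEY #SessionKey
WITH ALGORITHM      = AES_256,
     KEY_SOURCE     = 'constructed key source phrase - supply at runtime',
     IDENTITY_VALUE = 'constructed identity phrase'
ENCRYPTION BY PASSWORD = 'Constructed-Pa55phrase!';

OPEN SYMMETRIC KEY #SessionKey
    DECRYPTION BY PASSWORD = 'Constructed-Pa55phrase!';

-- SQL Server 2005 has no inline DECLARE initialisation, so use SET.
DECLARE @cipher varbinary(8000);
SET @cipher = EncryptByKey(Key_GUID('#SessionKey'), N'constructed sample secret');

-- Round trip inside the same session.
SELECT CONVERT(nvarchar(100), DecryptByKey(@cipher)) AS decrypted_same_key;

-- A key must be closed before it can be dropped.
CLOSE SYMMETRIC KEY #SessionKey;
DROP SYMMETRIC KEY #SessionKey;

-- Stand-in for a later session: recreate the key from the same ALGORITHM,
-- KEY_SOURCE and IDENTITY_VALUE. IDENTITY_VALUE fixes the key GUID that is
-- embedded in the ciphertext, so DecryptByKey can match the recreated key.
CREATE SYMMETRIC KEY #SessionKey
WITH ALGORITHM      = AES_256,
     KEY_SOURCE     = 'constructed key source phrase - supply at runtime',
     IDENTITY_VALUE = 'constructed identity phrase'
ENCRYPTION BY PASSWORD = 'Constructed-Pa55phrase!';

OPEN SYMMETRIC KEY #SessionKey
    DECRYPTION BY PASSWORD = 'Constructed-Pa55phrase!';

SELECT CONVERT(nvarchar(100), DecryptByKey(@cipher)) AS decrypted_recreated_key;

CLOSE SYMMETRIC KEY #SessionKey;
DROP SYMMETRIC KEY #SessionKey;
```

Without IDENTITY_VALUE the server generates a random key GUID, so a key recreated from the same KEY_SOURCE would not be matched to existing ciphertext.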