Re: Secure data in SQL Server 2005 Mobile Edition

Yes, we just copied the file over.

We tried again without checking the encrypt option and the error no longer
occurs. But we have a few burning questions:

1. Without checking the option, how can the database be encrypted with just
the password?

2. What is the difference between encryption with and without the encrypt
option?

3. As it is customer's requirement to have AES-128, it is important that we
know what the encryption algorithm is. We have tried looking up information
on this to no avail. Is there any way you could kindly help us on this (maybe
by providing us some references or contacts)? Would greatly appreciate it if
possible.

Thanks.


"Ginny Caughey [MVP]" wrote:

You just copied the sdf file from the desktop to the device, right? Does the
password have any accented characters in it or anything like that? One other
thing to try is not checking the encrypt option - the database still gets
encrypted if you provide a password.

I don't know which encryption algorithm is used for SQL Compact but I've
been told it's 128-bit.

--
Ginny


"AimlessZombie" <AimlessZombie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D9FE095C-A3F3-494C-B022-482C9254C29B@xxxxxxxxxxxxxxxx
Hi,

We have decided to go ahead with encrypted the entire database for now,
thus
I am trying to encrypt a database on SQL Server 2005 on a desktop and
replicate this database on SQL Server Mobile Edition on a mobile device.

I followed the "How to: Secure a Database (SQL Server Management Studio)"
topic in the SQL Server 2005 Mobile Edition Books Online to set a password
for my database connection string and checked the encrypt option. But when
I
tried to access the database on the mobile device by opening a
sqlceconnection, I got the following error:

The specified password does not match the database password.

I have ensured that my connection string is correct with the correct data
source and correct password. I have even tried changing passwords but I
still
got the same error.

1. Is this the correct way of encrypting a database? Am I doing wrong or
missing anything?

2. What is the encryption algorithm used by SQL Server Management Studio
when the encrypt option is chosen?

Thanks for the help.

"Ginny Caughey [MVP]" wrote:

The size is the same whether it's encrypted or not. I used the Northwind
database for my tests but the larger AdventureWorks one might also make
an
interesting test.

I think the best way to get answers for your specific case would be to
build
encrypted and non-encrypted databases with the schema you need and run a
few
simple tests for yourself. Frankly the reason I didn't spend more time
doing
thorough testing was that I think if you need encryption, then you neeed
it
and whatever the perf hit, well that's the price you pay. Still I was
pleased to find the hit was a small one in my tests.

--
Ginny


"AimlessZombie" <AimlessZombie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:2B849C1A-0785-4C8B-BD52-9DFDB4359A80@xxxxxxxxxxxxxxxx
What about the database size?

"Ginny Caughey [MVP]" wrote:

I didn't test it with different schemas. The hit on the device was
between
8-10% for most operations. On the desktop it was barely measurable.

--
Ginny


"AimlessZombie" <AimlessZombie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:428B5E6D-B41C-428A-BC94-9BF040568FDE@xxxxxxxxxxxxxxxx
Thanks for your reply.

Not exactly that I wanted a more complicated encryption, but i was
worried
about the performance hit for encrypting the whole database.

Can I ask what is the size of the database you tested with? Also,
would
the
performance hit be affected by the database schema?

"Ginny Caughey [MVP]" wrote:

Encryption in SQL Mobile is at the database level only. In my
testing
the
performance hit for using encryption is quite low, and using an
encrypted
database is as easy as providing a password in the connection
string,
so
I'm
not sure why you'd want something more complicated than that.

--
Ginny


"AimlessZombie" <AimlessZombie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:721B8943-84FA-41DF-8AFB-633C0A85F1DA@xxxxxxxxxxxxxxxx
I understand that it is possible to encrypt a database in SQL
Server
2005
Mobile Edition. But I do not want to encrypt the entire database.
Instead
I
just want to encrypt only selected data in the database.

Can this be done in Mobile Edition? If yes, how to do it and is
there
any
reference sites?

Many thanks.




.

Relevant Pages

  • Re: Database encryption.
    ... > I am writing application that encrypt paradox type database with IDEA ... which is used to mark end of string. ...
    (sci.crypt)
  • Re: 2 Keys decrypts same message
    ... > I don't want to encrypt each row twice (with a admin password ... Keeping the database secret. ... lots of disk storage and high speed LAN (Local Area ...
    (sci.crypt)
  • Re: SSN encryption
    ... >> We want to encrypt social security numbers in a database. ... address and SSN are always excluded. ... exposed if there were a breakdown in the other security precautions. ...
    (sci.crypt)
  • Re: Secure data in SQL Server 2005 Mobile Edition
    ... What is the difference between encryption with and without the> encrypt ... >> thing to try is not checking the encrypt option - the database still>> gets ... >>> I am trying to encrypt a database on SQL Server 2005 on a desktop ...
    (microsoft.public.sqlserver.ce)
  • Re: Secure data in SQL Server 2005 Mobile Edition
    ... We have decided to go ahead with encrypted the entire database for now, ... replicate this database on SQL Server Mobile Edition on a mobile device. ... for my database connection string and checked the encrypt option. ...
    (microsoft.public.sqlserver.ce)