# Expert SQL Server 2008 Development- P4

Chia sẻ: Thanh Cong | Ngày: | Loại File: PDF | Số trang:50

0
55
lượt xem
6

## Expert SQL Server 2008 Development- P4

Mô tả tài liệu

Tham khảo tài liệu 'expert sql server 2008 development- p4', công nghệ thông tin, cơ sở dữ liệu phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả

Chủ đề:

Bình luận(0)

Lưu

## Nội dung Text: Expert SQL Server 2008 Development- P4

1. CHAPTER 6 ENCRYPTION Hashing A hashing function allows you to perform a one-way encryption of any data, with deterministic results. By “deterministic,” I mean that a given input into the hashing function will always produce the same output. Hashing, in itself, is arguably not a true method of encryption, because once a value has been hashed there is no way to reverse the process to obtain the original input. However, hashing methods are often used in conjunction with encryption, as will be demonstrated later in this chapter. SQL Server 2008 provides the HASHBYTES function, which produces a binary hash of any supplied data using one of a number of standard hashing algorithms. For any given input x, HASHBYTES(x) will always produce the same output y, but there is no method provided to retrieve x from the resulting value y. Figure 6-3 illustrates the HASHBYTES function in action. HASHBYTES is useful in situations where you need to compare whether two secure values are the same, but when you are not concerned with what the actual values are: for example, to verify that the password supplied by a user logging into an application matches the stored password for that user. In such cases, instead of comparing the two values directly, you can compare the hashes of each value; if any two given values are equal, then the hashes of those values produced using a given algorithm will also be the same. Although hash algorithms are deterministic, so that a given input value will always generate the same hash, it is theoretically possible that two different source inputs will share the same hash. Such occurrences, known as hash collisions, are relatively rare but important to bear in mind from a security point of view. In a totally secure environment, you cannot be certain that simply because two hashes are equal, the values that generated those hashes were the same. The HASHBYTES function supports the Message Digest (MD) algorithms MD2, MD4, MD5, and the Secure Hash Algorithm (SHA) algorithms SHA, and SHA1. Of these, SHA1 is the strongest, and is the algorithm you should specify in all cases unless you have a good reason otherwise. The following code listing illustrates the result of the HASHBYTES function used to hash a plain text string using the SHA1 algorithm: SELECT HASHBYTES('SHA1', 'The quick brown fox jumped over the lazy dog'); GO The hash generated in this case is as follows: 0xF6513640F3045E9768B239785625CAA6A2588842 Figure 6-3. The HASHBYTES function in action This result is entirely repeatable—you can execute the preceding query as many times as you want and you will always receive the same output. This deterministic property of hash functions is both their greatest strength and their greatest weakness. 129
2. CHAPTER 6 ENCRYPTION The advantage of obtaining consistent output is that, from a data architecture point of view, hashed data can be stored, indexed, and retrieved just like any other binary data, meaning that queries of hashed data can be designed to operate efficiently with a minimum amount of query redesign. However, there is a risk that potential attackers can compile a dictionary of known hashes for different algorithms and use these to perform reverse-lookups against your data in order to try to guess the source values. This risk becomes even more plausible in cases where attackers can make reasonable assumptions in order to reduce the list of likely source values. For example, in systems where password strength is not enforced, users who are not security-minded typically choose short, simple passwords or easily predicted variations on common words. If a hacker were to obtain a dataset containing hashes of such passwords generated using the MD5 algorithm, they would only have to search for occurrences of 0x2AC9CB7DC02B3C0083EB70898E549B63 to identify all those users who had chosen to use “Password1” as their password, for example. Hashes can be made more secure by adding a secret salt value to the plain text prior to hashing, as will be shown later in this chapter. Symmetric Key Encryption Symmetric key encryption methods use the same single key to perform both encryption and decryption of data. This is illustrated in Figure 6-4. Figure 6-4. Symmetric key encryption Unlike hashing, which is deterministic, symmetric encryption is a nondeterministic process. That is to say, you will obtain different results from encrypting the same item of data on different occasions, even if it is encrypted with the same key each time. SQL Server 2008 supports a number of common symmetric encryption algorithms, including Triple DES, and keys with bit lengths of 128, 192, and 256 based on the Advanced Encryption Standard (AES). The strongest symmetric key supported is AES256. Symmetric keys themselves can be protected either by a certificate, password, asymmetric key, or another symmetric key, or they can be protected outside SQL Server by an EKM provider. The following example illustrates how to create a new symmetric key, SymKey1, that is protected by a password: CREATE SYMMETRIC KEY SymKey1 WITH ALGORITHM = AES_256 ENCRYPTION BY PASSWORD = '5yMm3tr1c_K3Y_P@$$w0rd!'; GO 130 3. CHAPTER 6 ENCRYPTION Note By default, symmetric keys created using the CREATE SYMMETRIC KEY statement are randomly generated. If you want to generate a specific, reproduceable key, you must explicitly specify the KEY_SOURCE and IDENTITY_VALUE options when the key is generated, such as follows: CREATE SYMMETRIC KEY StaticKey WITH KEY_SOURCE = ‘#K3y_50urc£#’, IDENTITY_VALUE = ‘-=1d3nt1ty_VA1uE!=-’, ALGORITHM = TRIPLE_DES ENCRYPTION BY PASSWORD = ‘P@55w0rD’; To encrypt data using a symmetric key, you must first open the key. Since SymKey1 is protected by a password, to open this key you must provide the associated password using the OPEN SYMMETRIC KEY DECRYPTION BY PASSWORD syntax. Having opened the key, you can use it to encrypt data by providing the plain text to be encrypted, together with the GUID of the symmetric key, to the ENCRYPTBYKEY method. Once you are finished using the key, you should close it again using CLOSE SYMMETRIC KEY (if you fail to explicitly close any open symmetric keys, they will automatically be closed at the end of a session). These steps are illustrated in the following code listing: -- Open the key OPEN SYMMETRIC KEY SymKey1 DECRYPTION BY PASSWORD = '5yMm3tr1c_K3Y_P@$$w0rd!'; -- Declare the cleartext to be encrypted DECLARE @Secret nvarchar(255) = 'This is my secret message'; -- Encrypt the message SELECT ENCRYPTBYKEY(KEY_GUID(N'SymKey1'), @secret); -- Close the key again CLOSE SYMMETRIC KEY SymKey1; GO The result of the preceding code listing is an encrypted binary value, such as that shown following: 0x007937851F763944BD71F451E4E50D520100000097A76AED7AD1BD77E04A4BE68404AA3B48FF6179A D9FD74E10EE8406CC489D7CD8407F7EC34A879BB34BA9AF9D6887D1DD2C835A71B760A527B0859D47B3 8EED Note Remember that encryption is a nondeterministic process, so the results that you obtain will differ from those just shown. Decrypting data that has been encrypted using a symmetric key follows a similar process as for encryption, but using the DECRYPTBYKEY method rather than the ENCRYPTBYKEY method. A further difference to note is that the only parameter required by DECRYPTBYKEY is the ciphertext to be decrypted; 131
4. CHAPTER 6 ENCRYPTION there is no need to specify the GUID of the symmetric key that was used to encrypt the data, as this value is stored as part of the encrypted data itself. The following code listing illustrates how to decrypt the data encrypted with a symmetric key in the previous example: OPEN SYMMETRIC KEY SymKey1 DECRYPTION BY PASSWORD = '5yMm3tr1c_K3Y_P@w0rd!'; DECLARE @Secret nvarchar(255) = 'This is my secret message'; DECLARE @Encrypted varbinary(max); SET @Encrypted = ENCRYPTBYKEY(KEY_GUID(N'SymKey1'),@secret); SELECT CAST(DECRYPTBYKEY(@Encrypted) AS nvarchar(255)); CLOSE SYMMETRIC KEY SymKey1; GO This results in the original plain text message being retrieved: This is my secret message On occasions, you may wish to encrypt data without having to deal with the issues associated with creating and securely storing a permanent symmetric key. In such cases, the ENCRYPTBYPASSPHRASE function may prove useful. ENCRYPTBYPASSPHRASE generates a symmetric key using the Triple DES algorithm based on the value of a supplied password, and uses that key to encrypt a supplied plain text string. The main benefit of this method is that it does not require the creation or storage of any keys or certificates; when the data needs to be decrypted, you simply supply the same password to the DECRYPTBYPASSPHRASE method, which enables the identical symmetric key to be generated to decrypt the ciphertext. The key itself is never stored at any point, and is only generated transiently as and when it is required. To encrypt data using a passphrase, supply a passphrase followed by a clear text string to the ENCRYPTBYPASSPHRASE function as follows: SELECT ENCRYPTBYPASSPHRASE('PassPhrase', 'My Other Secret Message'); GO When I ran this code listing, I obtained the binary value shown following. However, remember that ENCRYPTBYPASSPHRASE uses nondeterministic symmetric encryption, so you will obtain different results every time you execute this query. 0x010000007A65B54B1797E637F3F018C4100468B115CB5B88BEA1A7C36432B0B93B8F616AC8D3BA7307D5005E To decrypt the data again, pass the same passphrase and the encrypted text into the DECRYPTBYPASSPHRASE function. As with all the asymmetric and symmetric encryption methods provided by SQL Server, the resulting decrypted data is returned using the varbinary datatype, and may need to 132
5. CHAPTER 6 ENCRYPTION be converted into the appropriate format for your application. In this case, CASTing the result to a varchar returns the original plain text string: SELECT CAST(DECRYPTBYPASSPHRASE('PassPhrase', 0x010000007A65B54B1797E637F3F018C4100468B115CB5B88BEA1A7C36432B0B93B8F616AC8D3BA7307 D5005E) AS varchar(32)); GO My Other Secret Message As demonstrated, ENCRYPTBYPASSPHRASE is a very simple method of implementing symmetric encryption without the issues associated with key management. However, it is not without its drawbacks: Firstly, ciphertext generated by ENCRYPTBYPASSPHRASE can be decrypted only when used in conjunction with the passphrase used to encrypt it. This may seem like an obvious point, but bear in mind that SQL Server provides no mechanism for backing up or recreating the passphrase, so, if it is ever lost, the original data can never be restored. This means that you need to consider strategies for how to backup the passphrase in a secure manner; there is not much point encrypting your data if the passphrase containing the only knowledge required to access that data is stored in an openly accessible place. Secondly, the ENCRYPTBYPASSPHRASE function always encrypts data using the Triple DES algorithm. Although this is a well-recognized and widely used standard, some business requirements or client specifications may require stronger encryption algorithms, such as those based on AES. Although AES symmetric keys of bit lengths 128, 192, and 256 may be created in SQL Server 2008, these cannot be used by ENCRYPTBYPASSPHRASE. The strength of the symmetric key is entirely dependent on the passphrase from which it is generated, but SQL Server does not enforce any degree of password complexity on the passphrase supplied to ENCRYPTBYPASSPHRASE. This may lead to weak encryption strength based on a poorly chosen key. The supplied clear text can only be varchar or nvarchar type (although this limitation is fairly easily overcome by CASTing any other datatype prior to encryption). Despite these weaknesses, ENCRYPTBYPASSPHRASE can still be a useful choice in certain situations, such as when it is necessary to encrypt data from users in the sysadmin and db_owner roles. See the sidebar entitled “Protecting Information from the DBA” for more information on this topic. 133
7. CHAPTER 6 ENCRYPTION certificates were used in the last chapter to demonstrate one method of assigning permissions to stored procedures. Encryption by certificate and encryption by asymmetric key use the same algorithm and, assuming equal key length, provide exactly the same encryption strength. For every method that deals with asymmetric key encryption in SQL Server, an equivalent method provides the same functionality for certificate encryption. Asymmetric Keys or Certificates? Certificate and asymmetric key encryption both use the same widely used RSA algorithm. Assuming equal key length, certificate and asymmetric encryption will provide the same encryption strength, and there are no significant differences between the functionality available with either type. So, which should you choose? The decision may be influenced by whether you choose to generate the key within SQL Server itself or from an outside source. Self-signed certificates in SQL Server can only have a key length of 1024 bits, whereas stronger asymmetric keys may be created with a private key length of 512, 1024, or 2048 bits. However, asymmetric keys and certificates may both be imported from external sources, in which case the key length may be up to 3456 bits. I recommend asymmetric encryption using certificates rather than asymmetric key pairs, as certificates allow for additional metadata to be stored alongside the key (such as expiry dates), and certificates can easily be backed up to a CER file using the BACKUP CERTIFICATE command, whereas a method to provide the equivalent functionality for an asymmetric key pair is strangely lacking. As explained previously, by default the private keys of asymmetric key pairs and certificates are protected by the DMK, which is automatically used to open these keys as and when they are required by any users who have been granted permission to the relevant securable. The following code listing illustrates how to create a 1024-bit asymmetric key using the RSA algorithm: CREATE ASYMMETRIC KEY AsymKey1 WITH Algorithm = RSA_1024; GO Encrypting data using the asymmetric key follows a slightly different process than for symmetric encryption, as there is no need to explicitly open an asymmetric key prior to encryption or decryption. Instead, you pass the ID of the asymmetric key and the plain text to be encrypted to the ENCRYPTBYASYMKEY method, as demonstrated in the following code listing: DECLARE @Secret nvarchar(255) = 'This is my secret message'; DECLARE @Encrypted varbinary(max); SET @Encrypted = ENCRYPTBYASYMKEY(ASYMKEY_ID(N'AsymKey1'), @Secret); GO 135
8. CHAPTER 6 ENCRYPTION The DECRYPTBYASYMKEY (and the equivalent DECRYPTBYCERT) functions can be used to return the varbinary representation of any asymmetrically encrypted data, by supplying the key ID and encrypted ciphertext, as follows: DECLARE @Secret nvarchar(255) = 'This is my secret message'; DECLARE @Encrypted varbinary(max); SET @Encrypted = ENCRYPTBYASYMKEY(ASYMKEY_ID(N'AsymKey1'), @secret); SELECT CAST(DECRYPTBYASYMKEY(ASYMKEY_ID(N'AsymKey1'), @Encrypted) AS nvarchar(255)); GO You may have noticed when running the preceding code samples that, even when only dealing with a very small amount of data, asymmetric encryption and decryption methods are much slower than the equivalent symmetric functions. This is one of the reasons that, even though asymmetric encryption provides stronger protection than symmetric encryption, it is not recommended for encrypting any column that will be used to filter rows in a query, or where more than one or two records will be decrypted at a time. Instead, asymmetric encryption is most useful as a method to protect other encryption keys, as will be discussed later in this chapter. Transparent Data Encryption Transparent data encryption (TDE) is a new feature available in the Developer and Enterprise editions of SQL Server 2008. It is “transparent” in that, unlike all of the previous methods listed, it requires no explicit change to database architecture, and it doesn’t necessitate queries to be rewritten using specific methods to encrypt or decrypt data. In addition, generally speaking, it is not necessary to deal with any key management issues relating to TDE. So how does TDE work? Rather than operating on chosen values or columns of data, transparent encryption provides automatic symmetric encryption and decryption of all data passing from the file system layer to the SQL Server process. In other words, the MDF and LDF files in which database information is saved are stored in an encrypted state. When SQL Server makes a request for data in these files, it is automatically decrypted at the I/O level. The query engine can therefore operate on it just as it does any other kind of data. When the data is written back to disk, TDE automatically encrypts it again. TDE provides encryption of (almost) all data within any database for which it is enabled, based on the database encryption key (DEK) stored in the user database. The DEK is a symmetric key protected by a server certificate stored in the master database, which, in turn, is protected by the DMK of the master database and the SMK. To enable TDE on a database, you first need to create a server certificate in the master database (assuming that the master database already has a DMK): USE MASTER; GO CREATE CERTIFICATE TDE_Cert WITH SUBJECT = 'Certificate for TDE Encryption'; GO 136
9. CHAPTER 6 ENCRYPTION Then use the CREATE DATABASE ENCRYPTION KEY statement to create the DEK in the appropriate user database: USE ExpertSqlEncryption; GO CREATE DATABASE ENCRYPTION KEY WITH ALGORITHM = AES_128 ENCRYPTION BY SERVER CERTIFICATE TDE_Cert; GO Note The preceding code listing will generate a warning message advising you to make a backup of the server certificate with which the DEK is encrypted. In a production environment, I suggest that you read this message carefully and follow its advice. Should the certificate become unavailable, you will be unable to decrypt the DEK, and all data in the associated database will be lost. Having created the necessary keys, TDE can be enabled using a single T-SQL statement, as follows: ALTER DATABASE ExpertSqlEncryption SET ENCRYPTION ON; GO To check the encryption status of all the databases on a server, you can query the sys.dm_database_encryption_keys view, as follows: SELECT DB_NAME(database_id) AS database_name, CASE encryption_state WHEN 0 THEN 'Unencrypted (No database encryption key present)' WHEN 1 THEN 'Unencrypted' WHEN 2 THEN 'Encryption in Progress' WHEN 3 THEN 'Encrypted' WHEN 4 THEN 'Key Change in Progress' WHEN 5 THEN 'Decryption in Progress' END AS encryption_state, key_algorithm, key_length FROM sys.dm_database_encryption_keys; GO The results indicate that both the ExpertSqlEncryption user database and the tempdb system database are now encrypted: 137