I have created a Service Based database using Visual Studio 2010 and I want to encrypt the .mdf file. I read that this cannot be done. I want the .mdf to be opened only using my C# program or make the database accessible only via my C# program. Is it possible to encrypt it?
Asked
Active
Viewed 320 times
1
-
It may arguably be better and perhaps more efficient to encrypt `the data` as it _is written to the DB_ rather than encrypting the entire file? – Feb 27 '15 at 05:07
-
Do you mean like encrypting only the tables? – Dave Howson Feb 27 '15 at 05:10
-
If required, but you might find you only need to encrypt certain columns. e.g. a you might encrypt a `string` prior to sending it to the database only to be written to say a `NVARCHAR[50] column`. There's probably many other fine solutions like some automatic encryption handled by your ORM of choice perhaps? It might all depend on your needs. Do all columns of all tables need to be encrypted? You probably would not want to encrypt primary key columns? – Feb 27 '15 at 05:18
-
I thought that encrypting the entire database would be easier because I can encrypt the .mdf file and decrypt it everytime my application is opened and the correct key is entered. If encrypting columns is a possibility, I'd chose that method. I have around 4 columns that need to be encrypted. If encrypting .mdf's are impossible, would encrypting only a column be possible? – Dave Howson Feb 27 '15 at 05:22
-
Yes that would work and I agree it's much much easier - _decrypt on application launch_. I guess you would need to write the file out somewhere (unless it's being kept in memory somehow) so that you can query it, but also in a way that another program can not access the now `decrypted` **.mdf**. – Feb 27 '15 at 05:31
-
Accessing it while my program is open and the .mdf is decrypted will not be an issue. I searched for a way to encrypt a column but found nothing. Would you please assist me? – Dave Howson Feb 27 '15 at 05:47
-
_[You can encrypt data held in a column using EncryptByPassPhrase.](http://stackoverflow.com/questions/1265001/how-to-protect-the-sql-server-2005-mdf-file)_. Some good things there, many I was not aware of. Good luck my friend! – Feb 27 '15 at 05:53
-
I don't have TDE in my SQL version. This is not a possibilty for me. Here's what I want, I want to decrypt my database everytime the connection string is passed. That is all I want. How hard is it to do that!! : – Dave Howson Feb 27 '15 at 07:11
-
_"...**everytime the connection string is passed**..."_ You really need to tell us more about your database. How big is it? What happens during concurrent connections? I certainly **would not want to decrypt a reasonably-sized database every time** _"everytime the connection string is passed"_. Sounds like a terrible idea to me – Feb 27 '15 at 07:38
1 Answers
1
I don't know why this is downvoted but I did my homework before posting this and I came across sites which said that encrypting .mdf is impossible or that it shouldn't be done. I just wanted to encrypt my DB. So I decided to create a .sdf instead and now it's platform encrypted. Thanks for @Micky for helping me btw..
Dave Howson
- 156
- 6
- 14