Ask the Expert

Could a join of encrypted SQL Server data have a problem?

We are in the process of encrypting various pieces of sensitive information in our SQL Server 2000 tables. For many fields, we are using Blowfish 448 encryption and a concern has arisen about inline SQL statements that contain joins in our ASP scripts. Have you run across any scenarios where there's been a problem with a join of encrypted data? Could there ever be an instance where the encrypted field (encrypted by Blowfish) in one table would be different from the field in another table given the same initial string, which upon executing the join would cause the join to fail?

To be clearer, here is a quick example:

Table A has an encrypted account number column. Table B also has an encrypted account number column (same data). If we have a SQL statement that performs a join on the account number columns in the two tables, is there any possibility that the join will fail because the Blowfish encryption somehow yielded a different value?

    Requires Free Membership to View

From what you have described, it does not appear that there should be any issues with the join. If you are using symmetric encryption with the same key (passphrase), the resultant ciphertext should be identical. It would also help to check with the manufacturer of the encryption tool (I don't know if you're using SQL Server 2005 for this or one of the fine third party encryption products).

This was first published in December 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: