
I have a website for which I use the Entity Framework database-first approach for data saving and retrieval. I want to be able to encrypt the data on saving and decrypt it on retrieval.

Any suggestions on where to begin?

marc_s
a.tolba
  • Just google it: https://blogs.msdn.microsoft.com/sqlsecurity/2015/08/27/using-always-encrypted-with-entity-framework-6/ – Fals Nov 08 '16 at 21:16
  • Yes, I googled it, and Always Encrypted (as I understood) is a SQL Server 2016 feature; I use SQL Server 2014 – a.tolba Nov 08 '16 at 21:27
  • This is far too broad of a question for Stack Overflow. Please read [ask] and what's [off-topic](http://stackoverflow.com/help/dont-ask). – Heretic Monkey Nov 08 '16 at 22:13

1 Answer


You can encrypt the data with AES encryption:
use AES encryption in C# and save the data in the database as varbinary.
In Entity Framework, you need to map the encrypted data as Byte[].

For example, you can create an Entity Framework model that maps the encrypted data as Byte[] to the database, a datareader class that decrypts the data from the Entity Framework model, and a datawriter that encrypts data to the model.

Remember that if you encrypt the data via C# you cannot run search queries on the database; to search for a record you must load and decrypt all the data from the database in memory!

To use full search and query capabilities, it's a better option to enable encryption on the database side; this can be done with SQL Server 2016 Always Encrypted.

Another option is to implement homomorphic encryption (https://www.microsoft.com/en-us/research/project/homomorphic-encryption/), but actually it's an experimental technology.

Stefano Balzarotti
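The approach in the answer above, sketched as an added example that is not part of the original answer: a `byte[]` property that Entity Framework maps to a varbinary column, filled by an AES helper, plus a check that shows why equality searches on the column stop working. Assumptions: .NET 8 or later, AES-GCM chosen here as the AES mode, and the `Customer` entity, `FieldCipher` class and sample value are hypothetical names and data constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

byte[] key = RandomNumberGenerator.GetBytes(32); // constructed; load from a key store in practice
var a = new Customer { Id = 1, NationalIdEncrypted = FieldCipher.Encrypt("123-45-6789", key) };
var b = new Customer { Id = 2, NationalIdEncrypted = FieldCipher.Encrypt("123-45-6789", key) };
Console.WriteLine(FieldCipher.Decrypt(a.NationalIdEncrypted, key));
// Same plaintext, different stored bytes: a SQL equality filter on the column cannot match.
Console.WriteLine(a.NationalIdEncrypted.SequenceEqual(b.NationalIdEncrypted));

// Hypothetical entity: EF maps the byte[] property to a varbinary column.
public class Customer
{
    public int Id { get; set; }
    public byte[] NationalIdEncrypted { get; set; } = Array.Empty<byte>();
}

public static class FieldCipher
{
    private const int NonceSize = 12, TagSize = 16;

    // Stored layout: nonce (12 bytes) || tag (16 bytes) || ciphertext.
    public static byte[] Encrypt(string plaintext, byte[] key)
    {
        byte[] data = Encoding.UTF8.GetBytes(plaintext);
        byte[] nonce = RandomNumberGenerator.GetBytes(NonceSize); // fresh nonce per value
        byte[] tag = new byte[TagSize];
        byte[] cipher = new byte[data.Length];
        using var aes = new AesGcm(key, TagSize);
        aes.Encrypt(nonce, data, cipher, tag);
        return nonce.Concat(tag).Concat(cipher).ToArray();
    }

    // Throws CryptographicException if the stored bytes were modified or the key is wrong.
    public static string Decrypt(byte[] stored, byte[] key)
    {
        if (stored.Length < NonceSize + TagSize)
            throw new CryptographicException("Stored value is too short.");
        byte[] nonce = stored[..NonceSize];
        byte[] tag = stored[NonceSize..(NonceSize + TagSize)];
        byte[] cipher = stored[(NonceSize + TagSize)..];
        byte[] data = new byte[cipher.Length];
        using var aes = new AesGcm(key, TagSize);
        aes.Decrypt(nonce, cipher, tag, data);
        return Encoding.UTF8.GetString(data);
    }
}
```

The key must be kept outside the database (for example in a key vault or protected configuration); anyone who obtains both the varbinary column and the key can decrypt every row.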