Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Decryptbykey


Decryptbykey

Author
Message
robert.nesta123
robert.nesta123
Forum Newbie
Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)

Group: General Forum Members
Points: 9 Visits: 19
Hi

I am using an encrypted db, I run a select query but certain columns remain encypted.
To resolve this I used the

CONVERT(nvarchar(200),DECRYPTBYKEY(REG))

but when I filter on REG.

Where name like '%DY%'

It returns some values that don't meet the filter criteria.

What is needed
e4d4
e4d4
SSC Veteran
SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)

Group: General Forum Members
Points: 275 Visits: 2399
robert.nesta123 (1/21/2013)
...
but when I filter on REG.
....

You can't filter on REG in this way, because it is encrypted, you can filter only on a decrypted value so:
CONVERT(nvarchar(200),DECRYPTBYKEY(REG)) like  '%DY%'


Ed Wagner
Ed Wagner
SSChampion
SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)

Group: General Forum Members
Points: 10352 Visits: 9615
Just as a word of caution here, if you put your DECRYPTBYKEY and CONVERT functions to the left of the operator, they'll both have to run on every row in the table to be able to perform the LIKE comparison and return the result set. I've found the performance impact of doing this to be significant.


Tally Tables - Performance Personified
String Splitting with True Performance
Best practices on how to ask questions
e4d4
e4d4
SSC Veteran
SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)SSC Veteran (275 reputation)

Group: General Forum Members
Points: 275 Visits: 2399
Ed Wagner (1/21/2013)
Just as a word of caution here, if you put your DECRYPTBYKEY and CONVERT functions to the left of the operator, they'll both have to run on every row in the table to be able to perform the LIKE comparison and return the result set. I've found the performance impact of doing this to be significant.


But with an encrypted column, you can't do this in another way. With = you can encrypt the searched value and search for equality.
Ed Wagner
Ed Wagner
SSChampion
SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)

Group: General Forum Members
Points: 10352 Visits: 9615
I know what you mean. I don't know what your requirements are, but if you know the users can search by the first two (and only two) characters of a last name or by some other constant substring, you may be able to store that somewhere else in the table. Or you could store the ASCII values of the first two characters of the string as an integer, index it and then include that field in your WHERE clause. If, however, your specs state that the name has to be completely encrypted, then you're out of luck.

I've seen performance problems when doing something like this when the table gets large and just wanted you to start thinking about it up front so you're not caught off guard later.


Tally Tables - Performance Personified
String Splitting with True Performance
Best practices on how to ask questions
robert.nesta123
robert.nesta123
Forum Newbie
Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)Forum Newbie (9 reputation)

Group: General Forum Members
Points: 9 Visits: 19
Thanks that worked using the encrypted version in the filter. I thought I had already tried that. I must of got the syntax wrong.

In terms of performance, I'm running on a copy of LIVE in test so not an issue but I will keep it in mind. Thanks again.
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search