Need to a search on the Encrypted DataBase

Nov 15, 2012 at 8:21 AM

I have checked your code. It works fine. Data is stored in Encrypted Format, but how it will fetch data in search mode. I mean If I have to store a set of  Encrypted User Details and do a search using EF LINQ based query, will it work using same dbContext ? or How I need to use your library to perform a search on encrypted data. Kindly reply

Coordinator
Nov 19, 2012 at 6:53 PM

Because by default we encrypt all of the string type columns in the row at once, it’s not possible to do search or get on individual ones.

That can be a limitation for some scenarios. However, we’ve found that many line of business applications require structured storage in which entire rows can be read based on indexes that can remain plaintext (but are still integrity protected). HTML grid based workflow applications, in which ease of deployment and supportability are higher priority than handling tons of data, are an example.

To answer your question about EF LINQ, yes, SecurEntity supports those with some caveats. In general, you want to ensure that the entire row is getting read. Otherwise, particularly when you're also using EF views, we've found that the SecurEntity decryption callback may not fire, and therefore the encrypted columns in the returned data objects will still be encrypted. That can result in downstream logic errors, so just be sure to test carefully.

Sep 12, 2013 at 12:19 PM
Can you clarify what you mean by this please Dan?

I have encryption working for a User object I have. I am having a problem whereby a method which is called to retrieve the User on login isn't finding any records. It searches for Users with an Email Address using Linq against the DbContext.

The breakpoint on ObjectMaterialized event handler isn't being fired.

Should it be fired when the Linq query is executed? Is this where my problem is or is this behaviour as designed?
Coordinator
Sep 13, 2013 at 9:10 PM
Try running through the same sequence using our sample solution. In addition to confirming that you see the encrypted strings, and other columns, in SQL Management Studio, take a look at how we wrap the DbContext in order to register the encrypt/decrypt callbacks, and how we do hash-based look-ups for strings. It sounds like you might be missing all of those things.