I updated my question to reflect the sql encryption rather than asp.net.
I created my key in sql
USE DatabaseName
GO
CREATE ASYMMETRIC KEY MyKey
WITH ALGORITHM = RSA_2048
ENCRYPTION BY PASSWORD = 'Password1'
Then I Modified the keys private key password
ALTER ASYMMETRIC KEY MKey
WITH PRIVATE KEY
(ENCRYPTION BY PASSWORD = 'ADifferentPassword',
DECRYPTION BY PASSWORD = 'Password1')
I would like to know why the ENCRYPTION BY PASSWORD is the password used to decrypt the data instead of the DECRYPTION BY PASSWORD?
and then too ENCRYPT I dont really need a password I just need to reference MyKey is this correct?
INSERT dbo.BookSellerBankRouting
(BookSellerID, BankRoutingNBR)
VALUES (22,
EncryptByAsymKey(AsymKey_ID('MyKey'),
'1234567'))
I thought you would have to specify the encryption password to encrypt and the decryption password to decrypt.
But when i use the encryption password in the statement below it decrypts the data and the decrypt password fails
SELECT CAST(DecryptByAsymKey
( AsymKey_ID('MyKey'),
BankRoutingNBR,
N'ADifferentPassword') as varchar(100)) BankRoutingNBR
FROM dbo.BookSellerBankRouting
WHERE BookSellerID = 22
It sounds like you are way overcomplicating things. SQL Server has built in support for encryption and user roles. You're better off trusting that the professionals who built that knew what they were doing than trying to implement your own scheme. Start reading about SQL Server encryption here: http://technet.microsoft.com/en-us/library/bb510663.aspx