SQL Encryption - Asymmetric Key - 2nd Server

Question

Hello,

I created an asymmetric key on one of my SQL servers (2008). I encrypted a password field and I am able to retrieve that password just fine on my development server.

The issue comes into play where I need to move this data to a production server.

Here is the code for the key that was created:

CREATE MASTER KEY ENCRYPTION BY PASSWORD='#########'
CREATE ASYMMETRIC KEY UserEncryptionKey
WITH ALGORITHM = RSA_2048

Now, when I run this on the production server, it creates the key just fine. However, when I run my sproc to get the password, it returns NULL.

SQL:

    SELECT EncryptByAsymKey(AsymKey_ID('UserEncryptionKey'), Password ) 
    FROM Users WHERE UserName = '######'

Any thoughts on what I need to do to get the encrypted field to work on multiple SQL Servers?

Please let me know if I need to clarify something.

Thanks

Answer 1

Do not move encrypted data from a database to another. Technically is possible, true, but you will likely compromise the key in the process so I rather not tell you how to do it.

When data is exchanged between sites, the usual procedure separates the key management and deployment from data transfer. Data is decrypted before transfer and dedicate encryption schemes for data transfer are used, like TLS and SSL, that eliminate the problem of deploying and sharing the actual encryption keys.

Asa side note, normally one does no encrypt data with asymmetric keys. They are way too slow for data operations. What everybody does is they encrypt data with a symmetric key and then encrypt the symmetric key with an asymmetric key.