I've been trying to understand how TDE works with databases (particularly SQL Server). I've read numerous MSDN articles, blogs, info websites etc, but still cant get my head around all of it.
This is my understanding of TDE so far (with my assumptions & some questions):
- A system key is created on installation of SQL Server -> but where is this stored??
- The user creates a master key -> Now… Is this encrypted using symmetric key encryption and stored in the master db? If this is correct, then I assume that KEY = System key and TEXT = master key?
- The master key is used to create a certificate -> this is then also stored in the master DB?
- A per database encryption key is then generated (which is key for encrypting the DB data with symmetric encryption)
- The certificate then encrypts the database encryption key, which is then stored in the database it was created for.
Now, for the last step then, would the process be this:
Encrypt(Certificate,Database Key) = Encrypted Database Key, then store EDK into database, then Encrypt(Database key, Database)?
Are my assumptions correct?
And then how does the data get decrypted? Because surly you cant retrieve the database key? Also, if someone gets hold of the certificate, doesn't that compromise the database?
I appreciate any assistance with this.