I am currently designing a web application where the data needs to be stored encrypted.
Planned technologies used:
- ASP.NET Core API
- ASP.NET Core Entity Framework
- MS SQL Server 2016
- any Web Frontend
Because of the specification we need to store all data encrypted in the database.
Which would be a good approach to achieve this while still be able to use the Entity Framework & LINQ, so the developer does not have to take care about the encryption.
Is it possible to encrypt the whole database?
To clarify, the encryption between the web frontend & the API isn't something that's related to this question.
Best Answer
SQL 2016 came up with the new encryption feature. Please take a look.
http://www.databasejournal.com/features/mssql/exploration-of-sql-server-2016-always-encrypted-part-1.html
It is not a good idea to encrypt a whole database for the performance reasons. Go through the article. The encryption & decryption happens with the help of ADO.NET layer.