I have heard that table security for data stored in the table can be made by storing Hashbyte data in a column.

So anyone comes and change values manually in a table will be identified and that record be ommited for further calculation

Need help on these areas

CREATE TABLE [dbo].[sample1](
code varchar(50) NULL,
[hashcol] varchar(100) NULL

using 2012 VS and ADO .NET with sql server 2008

  1. this is my table and trying to insert hashbyte data to hashcol column from csharp application


I have used this

public static byte[] SHA512(String plaintext)
  // convert the passPhrase string into a byte array
  ASCIIEncoding AE = new ASCIIEncoding();
  byte[] passBuff = AE.GetBytes(plaintext);

  SHA512Managed hashVal = new SHA512Managed();
  byte[] passHash = hashVal.ComputeHash(passBuff);

  return passHash;

need better guide/example
2)how to regenerate hashcol value automatically if some one changed existing record?
3) how to compare 2 values , both old and existing hashed values from database and csharp application

Hope for some guide since I'm new to these security measures

Ok so the only way this would really provide security is if you used some unknown password (referred to as salt) to generate the hashes. Otherwise, anyone would be able to modify the table and then generate the hash to make it look like it hadn't been tampered with.

Using a salt could be as simple as hardcoding a string into your application and appending it to your value that will be hashed.


string myVal = "ValueToBeHashed";
const string Salt = "asgG&T£$Juu";

string computeValue = String.Concat(myVal, Salt);
SHA512Managed hasher = new SHA512Managed();
byte[] hashValue = hasher.ComputeHash(computeValue);


Secondly, you don't want to make anything but your application be able to automatically compute the value. If you set your database to do it, then you don't gain anything in terms of security. This is because as soon as the offender updates the database, the database would recompute the hash value for them.

To compare the two, you simply need to perform the hash step again and perform a Array.SequenceEqual between the two hashed byte arrays.

I supposed I ought to point out that this won't help protect your database, but it will help discover evidence of tampering.

This article has been dead for over six months. Start a new discussion instead.