FIX: "The decryption key is incorrect" error when you open a symmetric key that is encrypted by an asymmetric key in SQL Server 2008, SQL Server 2012 or SQL Server 2008 R2

Microsoft distributes Microsoft SQL Server 2008 fixes as one downloadable file. Because the fixes are cumulative, each new release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 fix release.
Symptoms
Consider the following scenario:
  • You have a symmetric key that is encrypted by an asymmetric key in Microsoft SQL Server 2008, Microsoft SQL Server 2012 or Microsoft SQL Server 2008 R2 on a computer that is running Windows 8 or Windows Server 2012.
  • The asymmetric key is created by using an Extensible Key Management (EKM) provider.
  • You try to open the encrypted symmetric key.
In this scenario, you receive an error message that resembles the following:
Msg 15273, Level 16, State 1, Line 1 The decryption key is incorrect.

Cause
This issue occurs because a feature that checks key length is included in Windows 8 or Windows Server 2012. However, SQL Server uses an incorrect data length to decrypt the symmetric key.
Resolution
The issue was first fixed in the following cumulative update of SQL Server.

Cumulative Update 6 for SQL Server 2012 SP1

About cumulative updates for SQL Server

Each new cumulative update for SQL Server contains all the hotfixes and all the security fixes that were included with the previous cumulative update. Check out the latest cumulative updates for SQL Server:

Cumulative update 9 for SQL Server 2012

The fix for this issue was first released in Cumulative Update 9. For more information about how to obtain this cumulative update package for SQL Server 2012, click the following article number to view the article in the Microsoft Knowledge Base:
2867319 Cumulative update package 9 for SQL Server 2012
Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2012 fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2692828 The SQL Server 2012 builds that were released after SQL Server 2012 was released

Cumulative Update 8 for SQL Server 2008 R2 Service Pack 2

The fix for this issue was first released in Cumulative Update 8. For more information about how to obtain this cumulative update package for SQL Server 2008 R2 Service Pack 2, click the following article number to view the article in the Microsoft Knowledge Base:
2871401 Cumulative update package 8 for 2008 R2 Service Pack 2
Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 R2 Service Pack 2 fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2730301 The SQL Server 2008 R2 builds that were released after SQL Server 2008 R2 Service Pack 2 was released

Cumulative update 12 for SQL Server 2008 Service Pack 3 (SP3)

The fix for this issue was first released in Cumulative Update 12 for SQL Server 2008 Service Pack 3. For more information about how to obtain this cumulative update package for SQL Server, click the following article number to view the article in the Microsoft Knowledge Base:
2863205 Cumulative update package 12 for SQL Server 2008 Service Pack 3
Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2629969 The SQL Server 2008 builds that were released after SQL Server 2008 Service Pack 3 was released
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
For more information about the Incremental Servicing Model for SQL Server, click the following article number to view the article in the Microsoft Knowledge Base:
935897 An Incremental Servicing Model is available from the SQL Server team to deliver hotfixes for reported problems
For more information about the naming schema for SQL Server updates, click the following article number to view the article in the Microsoft Knowledge Base:
822499 Naming schema for Microsoft SQL Server software update packages
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates
Properties

Article ID: 2859713 - Last Review: 10/10/2013 05:17:00 - Revision: 5.0

Microsoft SQL Server 2008 Service Pack 3, Microsoft SQL Server 2008 R2 Datacenter, Microsoft SQL Server 2008 R2 Developer, Microsoft SQL Server 2008 R2 Enterprise, Microsoft SQL Server 2008 R2 Express, Microsoft SQL Server 2008 R2 Standard, Microsoft SQL Server 2008 R2 Web, Microsoft SQL Server 2008 R2 Workgroup, Microsoft SQL Server 2012 Developer, Microsoft SQL Server 2012 Enterprise, Microsoft SQL Server 2012 Express, Microsoft SQL Server 2012 Standard, Microsoft SQL Server 2012 Web, SQL Server 2012 Enterprise Core

  • kbfix kbqfe kbexpertiseadvanced kbsurveynew KB2859713
Feedback