Creating a Column Encryption Key

Create a column encryption key using a specified encryption method.

  1. In the left pane of the Administration Console, expand ASE Servers > Security > Encryption Keys.
  2. Click Column Encryption Keys.
  3. Select New.
    You see the Add Column Encryption Key wizard.
  4. Select the server and database where the encryption key is being defined.
  5. Select the key owner.
  6. Enter an encryption key name.
  7. Select these parameters for the Advanced Encryption Standard (AES) encryption algorithm:
    • Key length – choose 128, 192, or 256, depending on the level of security you need.
    • Default key – select this key as the default key to allow users to create encrypted columns without specifying the key.
    • Encryption method – select one of:
      • User-defined password – provide a password and confirm it. Select With dual control to encrypt with the master key and a user-defined password.
      • Master key – enable encryption using the master key. Select With dual control to encrypt with the master key and a user-defined password.
        Note: If you select dual control, the master key must already exist in the database, and you must supply the master key password.
      • System encryption password – enable encryption using the system encryption password.
  8. Select the initialization vector to be either random (the default) or null. Use initialization vector padding to increase the security of encrypted data by increasing the cryptographic variance of the cipher text.
  9. Select the pad value to be either random or null (the default). If pad is set to random, the datatype padding is used when the length is smaller than one block.
  10. (Optional) Click Summary to verify your selected options.