Simple encryption is equivalent to obfuscation and makes it more difficult for someone using a disk utility to look at the file to decipher the data in your database. Simple encryption does not require a key to encrypt the database.
Strong database encryption technology makes a database inoperable and inaccessible without a key (password). An algorithm encodes the information contained in your database and transaction log files so they cannot be deciphered.
In SAP Sybase IQ, the database administrator has control over four aspects of strong encryption, including:
strong encryption status
encryption key
protection of the encryption key
encryption algorithm
The algorithm used to implement SAP Sybase IQ strong encryption is AES: a block encryption algorithm chosen as the new Advanced Encryption Standard (AES) for block ciphers by the National Institute of Standards and Technology (NIST).
You can also specify a separate FIPS-approved AES module for strong encryption using the AES_FIPS (128-bit) or AES256_FIPS (256-bit) type. When the database server is started with the -fips option, you can run databases encrypted with AES, AES256, AES_FIPS, or AES256_FIPS strong encryption, but not databases encrypted with simple encryption. Unencrypted databases can also be started on the server when -fips is specified.
The SAP Sybase IQ security option must be installed on any computer used to run a database encrypted with AES_FIPS or AES256_FIPS.
FIPS-certified encryption is not available on all platforms. For a list of supported platforms, see http://www.sybase.com/detail?id=1061806.
FIPS-certified encryption requires a separate license. All strong encryption technologies are subject to export regulations.