Using Encrypted Columns

Considerations for using encrypted columns.

If you use the encrypt clause without specifying a key name, the SAP ASE server uses the database default key to encrypt the data in the target column.

If a column in the source table is encrypted and you do not specify the encrypt clause for the target column, the SAP ASE server decrypts the data in the source table and inserts plain text data in the target column.

If you specify encryption for the target column with the same key used for the source column data, and if the key does not use an initialization vector or random padding, then the SAP ASE server copies the data from the source column to the target column as cipher text, without intermediate decryption and reencryption operations.

If, however, you specify encryption for the target column using a different key from that used for the source column, or if the key uses an initialization vector or padding during encryption, the SAP ASE server performs a decryption and encryption operation for each selected row of the encrypted column.