Download eBook (PDF) - Red Gate Software

4 – Encryption Basics for SQL ServerKey AlgorithmsKeys use a set of instructions that dictate how their cryptographic functions areto be performed. These instructions are called algorithms. There are severalalgorithms available in SQL Server and selecting the optimal algorithm can bea daunting task, with the high complexity of the mathematical equations thatdefine these algorithms simply adding to the challenge. Each encryption projectis unique and a suitable algorithm for one project may not be suitable foranother. With the following information you can more confidently select thealgorithm that is best for your situation.Symmetric Key AlgorithmsThe available symmetric key algorithms in SQL Server fall into two categories:• Block ciphers: This type of algorithm processes a fixed number ofbits of the plain text into the same fixed number of bits of encryptedtext. Decryption of a block cipher reverses the process.• Stream ciphers: This type of algorithm processes a single bit ofplain text into a single bit of cipher text and the results have akeystream, which is a series of bits that provides the key to theencryption, appended to its results.Depending upon the algorithm selected, the resulting block or stream cipher isa key of a specific length. In general, the longer key lengths result in strongerencryption; although stronger encryption means more resources when it isprocessed.The following key algorithms are available for symmetric keys in SQL Server:Advanced Encryption Standard• AES 128: This is a block cipher that processes text in 128 bit blocks.The result is a key size of 128 bits.• AES 192: This is a block cipher that processes text in 128 bit blocks.The result is a key size of 192 bits.• AES 256: This is a block cipher that processes text in 128 bit blocks.The result is a key size of 256 bits.Data Encryption Standard• DES: This is a block cipher that processes text in 64 bit blocks. Theresult is a key size of 56 bits.94