Develop applications using Always Encrypted with secure enclaves

Applies to: yesSQL Server 2019 (15.x) - Windows only YesAzure SQL Database

Always Encrypted with secure enclaves extends Always Encrypted to enable richer functionality of application queries on encrypted sensitive database columns. It leverages secure enclave technologies to allow the query executor in Database Engine to delegate computations on encrypted columns to a secure enclave inside the Database Engine process.


  • Your SQL Server instance or your database and server in Azure SQL Database must be correctly configured to support enclaves and attestation. For more information, see Set up the secure enclave and attestation.

  • You need to obtain an attestation URL for your environment from your attestation service administrator.

  • Your application must use a SQL client driver version that supports secure enclaves. See the below sections for more details.

  • You need to configure an attestation protocol and an attestation URL for a database connection. The details for how you configure the attestation protocol and the attestation URL depend on the client driver, you are using.

Client drivers for Always Encrypted with secure enclaves

To develop applications using Always Encrypted with secure enclaves, you need a SQL client driver version that supports secure enclaves. The client driver plays the following key role:

  • Before submitting a query that uses a secure enclave to SQL Server for execution, the driver initiates enclave attestation to verify the secure enclave is trustworthy and can be safely used to process sensitive data. For more information about attestation, see Secure Enclave Attestation.
  • Once attestation succeeds, the client driver establishes a secure session with the enclave by negotiating a shared secret.
  • The driver uses the shared secret to encrypt the column encryption keys the enclave will need to process the query, and sends the keys to SQL Server, which forwards them to the secure enclave that decrypts the keys.
  • Finally, the driver submits the query for execution, which triggers computations inside the secure enclave.

Next steps

The following client drivers support Always Encrypted with secure enclaves:

See also