Cryptographic functions (Transact-SQL)

THIS TOPIC APPLIES TO:yesSQL Server (starting with 2008)yesAzure SQL DatabasenoAzure SQL Data Warehouse noParallel Data Warehouse

The following functions support encryption, decryption, digital signing, and the validation of digital signatures.

Symmetric encryption and decryption

ENCRYPTBYKEY DECRYPTBYKEY
ENCRYPTBYPASSPHRASE DECRYPTBYPASSPHRASE
KEY_ID KEY_GUID
DECRYPTBYKEYAUTOASYMKEY KEY_NAME
SYMKEYPROPERTY

Asymmetric encryption and decryption

ENCRYPTBYASYMKEY DECRYPTBYASYMKEY
ENCRYPTBYCert DECRYPTBYCERT
ASYMKEYPROPERTY ASYMKEY_ID

Signing and signature verification

SIGNBYASYMKEY VERIFYSIGNEDBYASMKEY
SIGNBYCERT VERIGYSIGNEDBYCERT
IS_OBJECTSIGNED

Symmetric decryption with automatic key handling

DecryptByKeyAutoCert

Encryption hashing

HASHBYTES

Copying certificates

CERTENCODED (Transact-SQL)
CERTPRIVATEKEY (Transact-SQL)

See also

Functions
Encryption Hierarchy
Permissions Hierarchy (Database Engine)
CREATE CERTIFICATE (Transact-SQL)
CREATE SYMMETRIC KEY (Transact-SQL)
CREATE ASYMMETRIC KEY (Transact-SQL)
Security Catalog Views (Transact-SQL)