Cryptographic functions (Transact-SQL)

THIS TOPIC APPLIES TO:yesSQL Server (starting with 2008)yesAzure SQL DatabasenoAzure SQL Data Warehouse noParallel Data Warehouse

These functions support digital signing, digital signature validation, encryption, and decryption.

Symmetric encryption and decryption

ENCRYPTBYKEY DECRYPTBYKEY
ENCRYPTBYPASSPHRASE DECRYPTBYPASSPHRASE
KEY_ID KEY_GUID
DECRYPTBYKEYAUTOASYMKEY KEY_NAME
SYMKEYPROPERTY

Asymmetric encryption and decryption

ENCRYPTBYASYMKEY DECRYPTBYASYMKEY
ENCRYPTBYCert DECRYPTBYCERT
ASYMKEYPROPERTY ASYMKEY_ID

Signing and signature verification

SIGNBYASYMKEY VERIFYSIGNEDBYASMKEY
SIGNBYCERT VERIGYSIGNEDBYCERT
IS_OBJECTSIGNED

Symmetric decryption, with automatic key handling

DecryptByKeyAutoCert

Encryption hashing

HASHBYTES

Certificate copying

CERTENCODED (Transact-SQL)
CERTPRIVATEKEY (Transact-SQL)

See also

Functions
Encryption Hierarchy
Permissions Hierarchy (Database Engine)
CREATE CERTIFICATE (Transact-SQL)
CREATE SYMMETRIC KEY (Transact-SQL)
CREATE ASYMMETRIC KEY (Transact-SQL)
Security Catalog Views (Transact-SQL)