Cryptographic functions (Transact-SQL)

**APPLIES TO:** ![yes](media/yes.png)SQL Server (starting with 2008) ![yes](media/yes.png)Azure SQL Database ![no](media/no.png)Azure SQL Data Warehouse ![no](media/no.png)Parallel Data Warehouse

These functions support digital signing, digital signature validation, encryption, and decryption.

Symmetric encryption and decryption

ENCRYPTBYKEY DECRYPTBYKEY
ENCRYPTBYPASSPHRASE DECRYPTBYPASSPHRASE
KEY_ID KEY_GUID
DECRYPTBYKEYAUTOASYMKEY KEY_NAME
SYMKEYPROPERTY

Asymmetric encryption and decryption

ENCRYPTBYASYMKEY DECRYPTBYASYMKEY
ENCRYPTBYCert DECRYPTBYCERT
ASYMKEYPROPERTY ASYMKEY_ID

Signing and signature verification

SIGNBYASYMKEY VERIFYSIGNEDBYASMKEY
SIGNBYCERT VERIGYSIGNEDBYCERT
IS_OBJECTSIGNED

Symmetric decryption, with automatic key handling

DecryptByKeyAutoCert

Encryption hashing

HASHBYTES

Certificate copying

CERTENCODED (Transact-SQL)
CERTPRIVATEKEY (Transact-SQL)

See also

Functions
Encryption Hierarchy
Permissions Hierarchy (Database Engine)
CREATE CERTIFICATE (Transact-SQL)
CREATE SYMMETRIC KEY (Transact-SQL)
CREATE ASYMMETRIC KEY (Transact-SQL)
Security Catalog Views (Transact-SQL)