azureazure-sql-databaseazure-sql-servertde

What is the default encryption algorithm used by Azure TDE?


Azure SQL Server offers Transparent Data Encryption (TDE) by default, with the flick of a virtual switch:

Azure TDE

There is no option to select an algorithm and I am not using "Bring Your Own Key".

Which encryption algorithm is being used and what is the key length?

All articles I find such as this one and this one have circular references to one another with no clear answer.


Solution

  • If you run this in your SQL Azure database

    select * from sys.dm_database_encryption_keys
    

    you should see the encryption algorithm being used and the key length.

    In my case I have TDE enabled in one of my databases and I can see that the key_algorithm is AES and the key_lenght is 256.