Data encryption of a table in SQL Server is done at the column level, column by column, and utilizes symmetric encryption. The following steps detail how this process occurs within SQL Server:
- A database master key is created
- A self-signed certificate is created which will be protected by the database master key
- A symmetric encryption key to be used for the column level encryption is created from the certificate
- The table is then encrypted with the EncryptByKey function using the symmetric key and the name of the certificate
To decrypt data, the DecryptByKey function is called, which also requires the symmetric key and the name of the certificate.