In this recipe, you'll understand when you should use salt and MAC.
Connect to the database as a user who has administer key privilege or
SYSKM
privilege (for example,maja
):$ connect maja
Encrypt two columns in an existing table (for example,
sh.customers
)
In step 2:
You encrypted the
last_name
column using the AES256 algorithm with salt and used MACYou encrypted the
cust_street_address
column using the AES256 algorithm with no salt and used MAC
In general, you have to use same encryption algorithm for all encrypted columns at the same time. You can choose a SALT
option on the encrypted column level in a table, but you have to choose either the MAC
or NOMAC
option on a table level (meaning that all encryption columns in a table must use the same option).