AES is an algorithm adopted as a Federal U.S. government standard in 2002 and approved
by the NSA. It is a stronger algorithm than Triple-DES. When you choose the algorithm,
you need to balance between security and performances. AES_128 is gradually becoming
more vulnerable as new attacks are discovered but it is still considered reasonably safe. If your database contains classified
information, you should go for a bigger key, which is harder to crack. But the bigger the
key, the higher the performance impact will be. This being said, the performance impact
of TDE is relatively low.
by the NSA. It is a stronger algorithm than Triple-DES. When you choose the algorithm,
you need to balance between security and performances. AES_128 is gradually becoming
more vulnerable as new attacks are discovered but it is still considered reasonably safe. If your database contains classified
information, you should go for a bigger key, which is harder to crack. But the bigger the
key, the higher the performance impact will be. This being said, the performance impact
of TDE is relatively low.
Reference: Microsoft SQL Server 2012 Security Cookbook
No comments:
Post a Comment