Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SQL Anywhere 10.0.1 » SQL Anywhere Server - SQL Reference » SQL Functions » Alphabetical list of functions

DOW function [Date and time] Next Page

ENCRYPT function [String]

Encrypts the specified values using the supplied encryption key and returns a LONG BINARY value.


ENCRYPT( string-expression, key
[, algorithm ]


string-expression    The data to be encrypted. Binary values can also be passed to this function. This parameter is case sensitive, even in case-insensitive databases.

key    The encryption key used to encrypt the string-expression. This same key must be used to decrypt the value to obtain the original value. This parameter is case sensitive, even in case-insensitive databases.

As with most passwords, it is best to choose a key value that cannot be easily guessed. It is recommended that you choose a value for your key that is at least 16 characters long, contains a mix of uppercase and lowercase, and includes numbers, letters and special characters. You will require this key each time you want to decrypt the data.


Protect your key. Be sure to store a copy of your key in a safe location. A lost key will result in the encrypted data becoming completely inaccessible, from which there is no recovery.

algorithm    This optional parameter specifies the algorithm used to encrypt the string-expression. The string-expression must be encrypted using the same algorithm with which it will be decrypted. The algorithm used to implement SQL Anywhere strong encryption is Rijndael: a block encryption algorithm chosen as the new Advanced Encryption Standard (AES) for block ciphers by the National Institute of Standards and Technology (NIST).

On any platform that supports FIPS,, you can also specify a separate FIPS-approved AES algorithm for strong encryption using the AES_FIPS algorithm.


This function returns a LONG BINARY value, which is at most 31 bytes longer than the input string-expression. The value returned by this function is not human-readable. You can use the DECRYPT function to decrypt a string-expression that was encrypted with the ENCRYPT function. To successfully decrypt a string-expression, you must use the same encryption key and algorithm that were used to encrypt the data. If you specify an incorrect encryption key, an error is generated. A lost key will result in inaccessible data, from which there is no recovery.

If you are storing encrypted values in a table, the column should be BINARY or LONG BINARY so that character set conversion is not performed on the data.

See also
Standards and compatibility

The following trigger encrypts the user_pwd column of the user_info table. This column contains users' passwords, and the trigger fires whenever the password value is changed.

CREATE TRIGGER encrypt_updated_pwd
ON user_info
    SET new_pwd.user_pwd=ENCRYPT( new_pwd.user_pwd, '8U3dkA' );