What is a difference between deterministic and randomized encryption when you use Always Encrypted feature of Azure SQL Database?
Experience Level: Senior
Tags: Azure CloudAzure SQL Database
Answer
When deterministic encryption is used, when you encrypt specific value, its encrypted form looks always the same. So if you encrypt the value 10 times in 10 different items, you will always get the same encrypted string. Thanks to this, you can use deterministic encryption even for columns that you need to group by and filter by, because the database engine can do the grouping/filtering operation by the encrypted value. The column can also be encrypted.
Randomized encryption on the other hand adds salt and thus produces different encrypted values for each time you encrypt the same input value. This is nice security enhancement, but it also prevents equality searches, grouping, indexing and joining on encrypted columns.
Related Azure Cloud job interview questions
According to Microsoft Cloud Adoption Framework (CAF), what are the three specific terms related to Management phaze that can help improve conversations among business stakeholders?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat are 6 key steps for establishing a management baseline according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat is management baseline according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat are the 5 disciplines of cloud governance according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorIs Cloud Security Posture Management (CSPM) available for all Azure Subscriptions?
Microsoft Defender Junior