We want to encrypt a Sybase SQL Anywhere version 10 database with AES-FIPS. I went to this document: http://www.sybase.com/detail?id=1054418
It explains how to create a new database, or even change an encryption key on an existing encrypted db. But it does not go into encrypting an existing database.
asked 26 Feb '13, 18:12
Have a look at the CREATE ENCRYPTED FILE statement in the 10.0.1 documentation. You will need to run this statement for each of the files (e.g. main dbspace + dbspaces + transaction log file) that are associated with your database. When you are encrypting a database from a database that is not encrypted do not include the "OLD key" clause when running the statement.
Note that in v11.0.1 and v12 you can use the CREATE ENCRYPTED DATABASE statement that will do all of the files in one step.
Note that strongly encrypted (as opposed to 'simple' obfuscation) SQL Anywhere databases are always encrypted using AES, and there is no difference between AES and AES_FIPS except for the code that is used to do the actual encryption/decryption. I.e. AES and AES_FIPS are compatible. If you want to encrypt your database with the FIPS implementation of AES then just be sure to start your database server with the -fips switch. Note however that FIPS support is a separately licensed option that you must purchase in order to use it.