How Table Column Encryption Works
When an encrypted table is created, an AES key is randomly generated (or can be specified with the AESKEY= option). This key is then encrypted using an AES key derived from the specified PASSPHRASE, and the encrypted key is stored in the catalog. The AES encryption level specified for the user data (AES128, AES192, or AES256) is also used for the passphrase protection of the catalog-stored key.
If access to encrypted data in a table is disabled, then this access must be enabled through a MODIFY statement that specifies the correct passphrase. At this point, an in-memory-only decrypted copy of the catalog-stored key is created for use by the encryption and decryption code. At server shutdown, this decrypted key copy is cleared and the encrypted data is effectively locked. At server startup, the MODIFY must be issued again to access the encrypted data.
A fixed number of encryption keys are available while the Actian Ingres server is active. This value is controlled by the dmf_crypt_maxkeys configuration parameter in CBF. This number represents the largest number of encrypted tables that can be unlocked and accessed at any one time for all databases in the installation. Slots in this shared memory table are freed when a table is relocked or dropped, and when a database is deleted with destroydb.
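The lifecycle described above, as an added example that is not part of the original page. The table name, column names, and passphrase value are constructed placeholders, and the statement forms follow the Ingres SQL syntax for ENCRYPT columns and MODIFY ... ENCRYPT, so confirm them against the SQL reference for your release.

```sql
-- Constructed example: customer_pii, its columns and the passphrase
-- are placeholders, not values from the documentation.

-- 1. Create a table with one encrypted column. The server generates a
--    random AES key for the table, encrypts it under a key derived from
--    the passphrase, and stores only the encrypted key in the catalog.
--    AES256 here applies both to the column data and to the protection
--    of the catalog-stored key.
CREATE TABLE customer_pii (
    name  CHAR(40),
    ssn   CHAR(11) ENCRYPT
) WITH ENCRYPTION = AES256,
       PASSPHRASE = '<passphrase-placeholder>';

-- 2. Lock the table. An empty passphrase disables access; the in-memory
--    decrypted key copy is discarded and its slot in the shared key
--    table (sized by dmf_crypt_maxkeys) is freed.
MODIFY customer_pii ENCRYPT WITH PASSPHRASE = '';

-- 3. Unlock the table. The correct passphrase decrypts the catalog-stored
--    key into memory only; nothing decrypted is written back to disk.
MODIFY customer_pii ENCRYPT WITH PASSPHRASE = '<passphrase-placeholder>';

-- 4. Encrypted columns are readable while the key is held in memory.
SELECT name, ssn FROM customer_pii;

-- 5. After a server shutdown and restart the in-memory key is gone, so
--    the unlock must be issued again before the data can be read.
MODIFY customer_pii ENCRYPT WITH PASSPHRASE = '<passphrase-placeholder>';
```

Because every unlocked table holds a key slot until it is relocked or dropped, an installation that unlocks many tables at startup should size dmf_crypt_maxkeys for the total across all databases.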
Last modified date: 01/27/2026