Data at Rest Encryption Restrictions
Restrictions for encrypting columns are as follows:
• An encrypted column cannot be part of a table key.
• An encrypted column can be indexed, but the column must be defined with NOSALT, the index must be on the one column only (no composite indexes) and the index must be of type HASH.
Note: Due to the nature of encrypted data, only exact lookups are possible using the index. Because range and pattern queries cannot use the index, they would typically require a full table scan; such queries may be prohibitively costly.
• Long data types (LOBs) cannot be encrypted.