Decrypts data with an asymmetric key.

Topic link iconTransact-SQL Syntax Conventions

DecryptByAsymKey (Asym_Key_ID, { 'ciphertext' | @ciphertext } 
    [ ,'Asym_Key_Password' ] )


Is the ID of an asymmetric key in the database. Asym_Key_ID is int.


Is a string of data that has been encrypted with the asymmetric key.


Is a variable of type varbinary that contains data that has been encrypted with the asymmetric key.


Is the password that was used to encrypt the asymmetric key in the database.

varbinary with a maximum size of 8,000 bytes.

Encryption/decryption with an asymmetric key is very costly compared to encryption/decryption with a symmetric key. We do not recommend using an asymmetric key when you work with large datasets, such as user data in tables.

Requires CONTROL permission on the asymmetric key.

The following example decrypts ciphertext that was encrypted with asymmetric key JanainaAsymKey02, which was stored in AdventureWorks.ProtectedData04. The returned data is decrypted using asymmetric key JanainaAsymKey02, which has been decrypted with password pGFD4bb925DGvbd2439587y. The plaintext is converted to type nvarchar.

SELECT CONVERT(nvarchar(max),
    DecryptByAsymKey( AsymKey_Id('JanainaAsymKey02'), 
    ProtectedData, N'pGFD4bb925DGvbd2439587y' )) 
AS DecryptedData 
FROM [AdventureWorks].[Sales].[ProtectedData04] 
WHERE Description = N'encrypted by asym key''JanainaAsymKey02''';

Community Additions