RE: TDE and execution plans

From: Jonathan Lewis <>
Date: Tue, 11 Mar 2014 18:13:28 +0000
Message-ID: <CE70217733273F49A8A162EE074F64D901DE2566_at_exmbx05.thus.corp>


Thanks for that.

They must encrypt the "body" of the undo records and forward redo change vectors as a piece. I'm surprised I can't find any signs of my having attempted to dump undo and redo with tablespace in place.

Jonathan Lewis

From: Job Miller [] Sent: 11 March 2014 18:01
To: Jonathan Lewis; Hameed, Amir; Subject: Re: TDE and execution plans

The docs hypothesize the overhead of tablespace encryption and mention it includes redo encryption as well. TDE Tablespace Encryption

TDE tablespace encryption enables you to encrypt an entire tablespace. All objects created in the encrypted tablespace are automatically encrypted. TDE tablespace encryption is useful if you want to secure sensitive data in tables. You do not need to perform a granular analysis of each table column to determine the columns that need encryption.

In addition, TDE tablespace encryption takes advantage of bulk encryption and caching to provide enhanced performance. While the actual performance impact on applications can vary, the performance overhead is roughly estimated to be in between 5% and 8%.

TDE tablespace encryption is a good alternative to TDE column encryption if your tables contain sensitive data in multiple columns, or if you want to protect the entire table and not just individual columns.

TDE tablespace encryption encrypts all data that is stored in an encrypted tablespace and its corresponding redo data.


From: Jonathan Lewis <> To: "Hameed, Amir" <>; "" <> Sent: Tuesday, March 11, 2014 12:06 PM
Subject: RE: TDE and execution plans
Received on Tue Mar 11 2014 - 19:13:28 CET

Original text of this message