Encryption Advice


zgar
August 5th, 2008, 03:37 PM
I am storing encrypted data in a SQL Server 2005 database. I am new to this and was hoping to get some advice. I have about 10 string fields of varying length which need to be encrypted (I am using AES). To store them as varbinarys I need to allocate more space for the encrypted fields than I would for unencrypted varchar fields, but I am not sure how much. The thing that complicates it for me is that the max size for most of the fields is around 10-50 chars, but a comments field which also needs to be encrypted is 1000 chars.

A couple of approaches I thought of were:
1) store the comments as a blob (varbinary(MAX)) and the rest as the max size of the encryption (not sure how to determine)
2) store all fields as blobs
3) combine the fields and store as 1 blob field

I can think of +/-'s, but since I am new to this I was hoping to get some good advice. What would be a good method (in terms of simplicity vs storage vs speed) to encrypt a table with varied-length strings?
Thank you in advance,
zgar

Xeel
August 21st, 2008, 02:55 PM
Use an encryption algorithm that gives you a fixed length for each character/byte you encrypt, or at least one where you know the max size of it. If not, make it fixed/known. RSA is good. If the info is short words like passwords, usernames, etc., use MD5/SHA1. These would always give you a fixed size. Also, do not encrypt the whole database manually. First, I doubt you're writing this database for the Pentagon or something, so normally you just need to encrypt certain data only, like passwords for example. Second, there are external methods to encrypt databases.
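
For the sizing question in the first post, an added example (not code from either poster) that works out the worst-case stored size of an AES-encrypted string and the matching SQL Server column type. It assumes CBC mode with PKCS#7 padding and a 16-byte IV stored in front of each ciphertext; the field names are constructed, and only the lengths 10, 50 and 1000 come from the question.

```python
# Added example: sizing varbinary columns for AES-encrypted strings.
# Assumptions (not from the thread): AES-CBC, PKCS#7 padding, and a random
# 16-byte IV stored in front of every ciphertext.
BLOCK = 16               # AES block size in bytes, the same for every key size
IV_LEN = 16              # a CBC IV is one block
VARBINARY_LIMIT = 8000   # largest n accepted by SQL Server varbinary(n)


def pkcs7_pad(data: bytes) -> bytes:
    """PKCS#7 always adds 1..16 bytes, so block-aligned input grows by a full block."""
    n = BLOCK - (len(data) % BLOCK)
    return data + bytes([n]) * n


def stored_len(plain_len: int) -> int:
    """Bytes stored for plain_len bytes of plaintext: IV plus padded ciphertext."""
    return IV_LEN + (plain_len // BLOCK + 1) * BLOCK


def column_type(max_chars: int, bytes_per_char: int) -> str:
    """Smallest SQL Server type that holds the worst case for a string column.
    bytes_per_char is 1 for single-byte varchar data, 2 for UTF-16 code units."""
    worst = stored_len(max_chars * bytes_per_char)
    return f"varbinary({worst})" if worst <= VARBINARY_LIMIT else "varbinary(max)"


def plan(fields: dict, bytes_per_char: int) -> dict:
    """Map each field name to the column type needed for its encrypted form."""
    return {name: column_type(n, bytes_per_char) for name, n in fields.items()}


# Constructed field list; the lengths are the ones mentioned in the question.
FIELDS = {"code": 10, "name": 50, "comments": 1000}

if __name__ == "__main__":
    # Cross-check the formula against real padding for every length up to 2000 bytes.
    for n in range(2001):
        assert stored_len(n) == IV_LEN + len(pkcs7_pad(b"x" * n))
    for bpc in (1, 2):
        print(f"{bpc} byte(s) per char:", plan(FIELDS, bpc))
```

Under these assumptions the 1000-character comments field needs at most 2032 bytes even as UTF-16, so it fits a sized varbinary column and does not force varbinary(max).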