Determines whether the driver caches column encryption keys. This option is used when Always Encrypted is enabled (ColumnEncryption=Enabled | ResultsetOnly).
Valid Values
-1 | 0
Behavior
If set to -1, the driver caches column encryption keys on a per connection basis. The keys remain in the cache until the connection is closed or the application exits.
If set to 0, the driver does not cache column encryption keys.
Notes
Column encryption keys do not persist beyond the life of a connection. When a connection is closed, the driver purges the cache, leaving no column encryption key data in memory.
Caching column encryption keys can provide performance gains by eliminating the overhead associated with fetching and decrypting the keys for the same data multiple times during a connection.
While caching column encryption keys can improve performance, they are designed to be deleted from the cache as a security measure. Therefore, we do not recommend caching keys for applications that remain connected for long periods of time.
Column encryption keys do not persist beyond the life of a connection. When a connection is closed, the driver purges the cache, leaving no column encryption key data in memory.