Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Join us at FabCon Vienna from September 15-18, 2025, for the ultimate Fabric, Power BI, SQL, and AI community-led learning event. Save €200 with code FABCOMM. Get registered

Reply
mbr98042
New Member

OneLake Encryption Algorithm

‎02-20-2025 11:50 AM

Is there any Microsoft documentation that specifies the encryption algorithm used to protect OneLake data at rest? I can only find references on third party sites that it is AES-256. Nothing that I am finding on Learn, the Fabric security white paper, etc. specifically states it is AES-256 (or what it uses). Only that it is FIPS 140-2 compliant.

Labels:
Message 1 of 7
565 Views
0
1 ACCEPTED SOLUTION
v-kpoloju-msft
Community Support
Community Support

‎02-20-2025 09:52 PM

Hi @mbr98042,

Thank you for reaching out to the Microsoft Fabric Community Forum. Thank you, @nilendraFabricfor your valuable input regarding the issue.


However, the specific encryption algorithms used are not detailed in the available documentation. Currently, encryption at rest using customer-managed keys is not supported, but you can submit a request for this feature on Microsoft Fabric Ideas.
Please go through the below following link for request for the feature on Microsoft Fabric Ideas.
Home

If this post helps, then please give us ‘Kudos’ and consider Accept it as a solution to help the other members find it more quickly.

 

Best Regards.

View solution in original post

Message 4 of 7
501 Views
0
6 REPLIES 6
v-kpoloju-msft
Community Support
Community Support

‎02-20-2025 09:52 PM

Hi @mbr98042,

Thank you for reaching out to the Microsoft Fabric Community Forum. Thank you, @nilendraFabricfor your valuable input regarding the issue.


However, the specific encryption algorithms used are not detailed in the available documentation. Currently, encryption at rest using customer-managed keys is not supported, but you can submit a request for this feature on Microsoft Fabric Ideas.
Please go through the below following link for request for the feature on Microsoft Fabric Ideas.
Home

If this post helps, then please give us ‘Kudos’ and consider Accept it as a solution to help the other members find it more quickly.

 

Best Regards.

Message 4 of 7
502 Views
0
v-kpoloju-msft
Community Support
Community Support
In response to v-kpoloju-msft

‎02-24-2025 12:53 AM

Hi @mbr98042,

 

May I ask if you have resolved this issue? If so, please mark the helpful reply and accept it as the solution. This will be helpful for other community members who have similar problems to solve it faster.

 

Thank you.

Message 5 of 7
450 Views
0
v-kpoloju-msft
Community Support
Community Support
In response to v-kpoloju-msft

‎02-27-2025 07:47 AM

Hi @mbr98042,


I wanted to check if you had the opportunity to review the information provided. Please feel free to contact us if you have any further questions. If my response has addressed your query, please accept it as a solution and give a 'Kudos' so other members can easily find it.


Thank you.

Message 6 of 7
412 Views
0
v-kpoloju-msft
Community Support
Community Support
In response to v-kpoloju-msft

‎03-02-2025 05:50 AM

Hi @mbr98042,


I hope this information is helpful. Please let me know if you have any further questions or if you'd like to discuss this further. If this answers your question, please Accept it as a solution and give it a 'Kudos' so others can find it easily.


Thank you.

Message 7 of 7
368 Views
0
nilendraFabric
Community Champion
Community Champion

‎02-20-2025 12:11 PM

Hello @mbr98042 

 

you are right, Microsoft’s documentation for OneLake confirms encryption at rest using FIPS 140-2-compliant standards with Microsoft-managed keys.

 

While the specific algorithm isn’t named, FIPS 140-2 validation typically requires cryptographic modules to use NIST-approved algorithms, such as AES-256, for encryption.

 

FIPS 140-2 documentation emphasizes AES-256 for sensitive data protection, noting its resistance to brute-force attacks and approval for government use. For example, AES-256 is required in FIPS 140-2 Level 3 and 4 validations for environments demanding tamper resistance and zeroization

 

https://learn.microsoft.com/en-us/compliance/regulatory/offering-fips-140-2

https://www.kiteworks.com/regulatory-compliance/mastering-fips-essential-guide-for-it-and-cybersecur...

 

hope this helps 

 

if yes please don't forget to give kudos and accept the answer 

 

 

Message 2 of 7
550 Views
mbr98042
New Member
In response to nilendraFabric

‎02-20-2025 03:30 PM

Thanks for your response. That is similar to what I have found, but I am specifically looking for Microsoft documentation that indicates the algorithm used.

Message 3 of 7
518 Views

Helpful resources

Announcements
Join our Fabric User Panel

Join our Fabric User Panel

This is your chance to engage directly with the engineering team behind Fabric and Power BI. Share your experiences and shape the future.

June FBC25 Carousel

Fabric Monthly Update - June 2025

Check out the June 2025 Fabric update to learn about new features.

June 2025 community update carousel

Fabric Community Update - June 2025

Find out what's new and trending in the Fabric community.

View All