I'm revising my original question based on the answer I rec'd below.
Assume for following that connection is secure.
My table is shared by multiple customers and contains BLOB fields that need to be encrypted.
The table contains a field "CustomerID" to identify the customer.
I am using ASP.NET to insert records into the table. User supplies a password (encryption key) on the fly which is not stored. Each customer has their own password/key.
Is it faster/better to use crypto namespace in .net and encrypt BLOB before transport? Or is it faster/better to use symemtric "Encrypt by Passphrase" functions in SQL/Server 2008 within INSERT statement? If so, why so? Or assuming it's on the same server makes no difference?
I have the same issue when decrypting on a SELECT statement -- can either use SQL/Server for this of .Net.