Following are some tit bits about TDE in SQL Server 2008:
- Instant file initialization is disabled for all encrypted databases so page headers are in a known state and the file does not include stray bits off the disk
- Tempdb is encrypted if there are any encrypted user databases to avoid exposure of intermediate query results.
- The only time the database will be re-encrypted is when the database encryption key is regenerated. If you’re re-generating the Service Master Key, Database Master Key or certificate, then the database will not be re-encrypted.