The difference is that it doesn't have to stored like a salt. I didn't say it was the ultimate way. Frankly, for something like a SSN, I'd store it in like 3(+) different columns with different names, each encrypted, and then put it back together only when really needed. Real uses of the actual SSN are so low I think you could easily deal with the overhead of that. And for all decency's sake, whatever you do, don't name the column "SSN". This is one time where clear naming is NOT desired.
SQL DBA,SQL Server MVP(07, 08, 09) Prosecutor James Blackburn, in closing argument in the Fatal Vision murders trial: "If in the future, you should cry a tear, cry one for them [the murder victims]. If in the future, you should say a prayer, say one for them. And if in the future, you should light a candle, light one for them."