According to error messages when not configured correctly, the attributes are encrypted into the secure storage area -> http://help.sap.com/saphelp_nwce71/helpdata/en/e9/a1dd44d2c83c43afb5ec8a4292f3e0/content.htm
This uses the system PSE and as far as I know also some DB keys to encrypt and decrypt the data, such that with system copies they are rendered useless as well. I could not find any docs to verify that, but it makes sense and it was mentioned in past discussions in the security forum.
Which cyphers SAP supports are then in SAP note 510007.
Not authoritative, but hope that helps you further though.
Cheers,
Julius