For Aria, only table files get encrypted, while Aria log apparently does not. I assume it's on purpose, but then it should probably mentioned in the documentation, I could not find anything about it.

A short specification if we would make Aria log encrypted:

• First log page of each log file should not be encrypted (has no user data, so it's not important). However we can add a marker on the first page that the file is encrypted, including some 'random' encryption seed used for the rest of the file.
• We encryption key could be depending on something that changes, like the file number (part of the file name) and the above encryption seed. Note that we need to be able to access all keys ever used for the logs also with aria_read_log and aria_dump_log !
• Each log file is either fully encrypted (except for first page) or not at all. One should be able to mix encrypted at not encrypted files.
• The Aria log is designed so that one can write additional data on a log page without affecting the previous content on the page. Encrypted files must do the same! This is critical as the engine assumes that if a page part has been written and synced it, it will always be able to read that part again, even if future writes on the same page would fail or be half written! One implication of this is that each write to the log page should be independently encrypted!
• Encrypted segments can have additional data or be longer than non encrypted segments. This may be needed if the encrypted data is longer than the not encrypted data (for example if there needs to be a checksum for each encrypted segment).