Searching on Encrypted Data: MongoDB’s Queryable Encryption – Kenn White – ASW #221
MongoDB recently announced the industry’s first encrypted search scheme using breakthrough cryptography engineering called Queryable Encryption.
This technology gives developers the ability to query encrypted sensitive data in a simple and intuitive way without impacting performance, with zero cryptography experience required. Data remains encrypted at all times on the database, including in memory and in the CPU; keys never leave the application and cannot be accessed by the database server.
While adoption of cloud computing continues to increase, many organizations across healthcare, financial services, and government are still risk-averse. They don’t want to entrust another provider with sensitive workloads. This encryption capability removes the need to ever trust an outside party with your data.
This end-to-end client-side encryption uses novel encrypted index data structures in such a way that, for the first time, developers can run expressive queries on fully encrypted confidential workloads.
Queryable Encryption is based on well-tested and established standard NIST cryptographic primitives to provide strong protection from attacks against the database, including insider threats, highly privileged administrators and cloud infrastructure staff. So even another Capital One-type breach is not possible.
Guest
Kenneth White is a security engineer whose work focuses on networks and global systems. He currently leads applied encryption engineering in MongoDB’s global product group. He is co-founder and Director of the Open Crypto Audit Project and led formal security reviews on TrueCrypt and OpenSSL. He has directed R&D and security Ops in organizations ranging from startups to nonprofits to defense agencies to the Fortune 50. His work on applied signal analysis has been published in the Proceedings of the National Academy of Sciences. He created software powering the largest clinical trial & cardiac safety research networks in the world. His work on network security and forensics has been cited by the Wall Street Journal, Reuters, Wired, and the BBC.