MongoDB’s “Field Level Encryption” Puts Database Secrets in Customer Hands

MongoDB’s inclusion of what it dubs “Field Level Encryption” in the latest version of its core database, MongoDB 4.2, was among the most talked-about releases at its conference in New York this week.

Field Level Encryption lets users encrypt specific database fields with their own key, whilst allowing application code to run unmodified for most database read and write operations (meaning developers don’t need to modify their query code).

The aim is simple: tackle data breaches caused by attackers gaining system admins’ logins; while ending the ability of vendors to spy on their customers.

Execution has not been as simple: it has taken two years, 16 developers and some searching third-party key management audits by Brown University’s Seny Kamara; ETH Zurich’s Kenny Paterson; and Boston’s Aroki Systems. (As MongoDB’s Kenn White puts it: “We run on Windows, Mac, Mainframes: We’re targeting 12 languages; Python, Perl, Ruby, Node, Java… it’s a big ecosystem.”)

Read this: MongoDB Launches Atlas Data Lake for S3, Vision for Realm, New Features

The approach sees the encryption (coming as a beta preview next week, with general availability later this summer) totally separated from the database, transparent to the server and handled exclusively within the MongoDB drivers on the client side: the server only sees encrypted binary data.

Raw key material is never persisted to disk (in-memory only) and field keys are secured in hardware security module (HSM)-backed key management services. Individual fields within collections can be marked as encrypted, and keys can be used on a per-field, per-document basis.

Out of the box, Field Level Security will be available for MongoDB running on AWS, with Azure and Google Cloud alternatives in the pipeline (MongoDB declined to give an ETA). The encryption itself is AES-256 and SHA-2 based.

But as Kenn White told a crowded session at MongoDB’s New York conference this week: “The encryption itself was five percent of the effort: we had to take the query parsing engine that lived in our server and take it client-side. That’s a major engineering effort!”

Davi Ottenheimer, Head of Product Security, MongoDB, told Computer Business Review: “We already had three levels of encryption: in Atlas for example, we had the hardware, the operating system and the drivers themselves and then encrypted storage engines. Then we added in key management with the KMIP key management protocol.”

“[but] customers are asking for innovation… GDPR is also driving this. Without GDPR I don’t think we’d be talking here today about encryption.”

See also: Microsoft Open Sources Homomorphic Encryption Library “SEAL”