MongoDB 6.0 Offers Client-Side End-to-End Encryption
“Developers aren’t cryptographers. We can only do so much security training, and frankly, they shouldn’t have to make hard choices about this encryption mode or that encryption mode. It should just, like, work,” said Kenneth White, a security principal at MongoDB, explaining the need for MongoDB’s new Queryable Encryption feature.
In this latest edition of The New Stack Makers podcast, we discuss MongoDB‘s new end-to-end client-side encryption, which allows an application to query an encrypted database and keep the queries in transit encrypted, an industry first, according to the company.
White discussed this technology in depth to TNS publisher Alex Williams, in a conversation recorded at MongoDB World, held last week in New York.
MongoDB has offered the ability to encrypt and decrypt documents since MongoDB 4.2, though this release is the first to allow an application to query the encrypted data. Developers with no expertise in encryption can write apps that use this capability on the client-side, and the capability itself (available in preview mode for MongoDB 6.0) adds no noticeable overhead to application performance, so claims the company.
Data remains encrypted all times, even in memory and in the CPU; The keys never leave the application and cannot be accessed by the server. Nor can the database or cloud service administrator be able to look at the raw data.
For organizations, queryable encryption greatly expands the utility of using MongoDB for all sorts of sensitive and secret data. Customer service reps, for instance, could use the data to help customers with issues around sensitive data, such as social security numbers or credit card numbers.
In this podcast, White also spoke about the considerable engineering effort to make this technology possible — and make it easy to use for developers.
“In terms of how we got here, the biggest breakthroughs weren’t cryptography, they were the engineering pieces, the things that make it so that you can scale to do key management, to do indexes that really have these kinds of capabilities in a practical way,” White said.
It was necessary to serve a user base that needs maximum scalability in their technologies. Many have “monster workloads,” he notes.
“We’ve got some customers that have over 800 shards, meaning 800 different physical servers around the world for one system. I mean, that’s massive,” he said. “So it was a lot of the engineering over the last year and a half [has been] to sort of translate those math and algorithm techniques into something that’s practical in the database.”