MongoDB yesterday officially rolled out Queryable Encryption, a new offering that enables users to query data while it’s encrypted in the database. While the technology isn’t a silver bullet for security, it could significantly bolster the capability for users to get value from data without first exposing it in plain text.
For many years, one of the big drawbacks of encryption was the need for organizations to decrypt data before querying, processing, or analyzing it. In addition to adding time to transactions, it added computational expense.
Recent years have brought advances in new privacy enhancing techniques, such as homomorphic encryption, that promise the capability to work with encrypted data directly. Queryable Encryption (QE), which customers have been beta testing for the past few months, is the first application of this type of capability in a database itself, according to MongoDB.
With QE, users can perform numerous types of database functions, including CRUD commands, on encrypted data stored in the MongoDB database, the company says. The only time the data is decrypted is when the user needs the final result, at which point the data is decrypted with the encryption key. This approach is extensible to developers utilizing MongoDB as a database for their applications, and requires no specific cryptography expertise, the company says.
QE libraries are based on a novel database encryption scheme dubbed OST, MongoDB’s Cryptography Research Group says in its white paper. QE is composed of client-side database drivers, a client-side encryption library, an encrypted client, a key management service (KMS) provider, a key vault, and query analysis shared library.
The new tech will help MongoDB customers meet data privacy and consumer protection requirements, says Sahir Azam, MongoDB’s chief product officer.
“[W]ith MongoDB Queryable Encryption, customers can protect their data with state-of-the-art encryption and reduce operational risk–all while providing an easy-to-use capability developers can quickly build into applications to power experiences their end-users expect,” he says in a press release.
QE is open source and will prove beneficial in several use cases, including searching employee records, processing financial transactions, and analyzing medical records, MongoDB says. It works with standard KMS services hosted by cloud providers, in addition to other providers that support key management interoperability protocol (KMIP).
One early adopter of QE is Renault Group, an automotive company headquartered in France, that is using QE to boost data protection and security compliance, according to Xin Wang, a solutions architect at Renault.
“Our teams are eager for the architecture pattern validation of Queryable Encryption and are excited about its future evolution, particularly regarding performance optimization and batch operator support,” Wang says a press release. “We look forward to seeing how Queryable Encryption will help meet security and compliance requirements.”
MongoDB previously offered a related capability called Client-Side Field-Level Encryption (CSFLE), which allowed customers to process some encrypted data. But it suffered from several shortcomings, according to the white, namely that it supported only “find” operations with a single operator, whereas QE supports other comparison operators. “QE…was designed to be extendable to a large set of operators including range, prefix, suffix, and substring operators,” the white paper states.
However, there’s at least one downside of QE versus CLFSE: performance. While CLFSE incurred almost no performance overhead compared to a plaintext database, QE incurs up to a 10x performance overhead. For some organizations, paying that extra overhead will be preferable to reduce risk.
While QE represents an improvement in encryption capability, it’s not perfect, MongoDB concedes. “Database encryption reduces the attack surface of the DBMS, but it cannot remove it completely,” the company says in its white paper. “Nevertheless, when properly designed and deployed, database encryption, coupled with information security best practices like access control and auditing, can improve an organization’s security and privacy posture.”