![#MDBLocal
db.coll.insert({
name: "Doris",
ssn: "457-55-5462"
})
{
insert: "coll",
documents: [{
name: "Doris",
ssn: BinData(6, "a10x…")
}]
}
You see: MongoDB sees:
Encrypt before sending](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-12-320.jpg)
![#MDBLocal
db.coll.update({}, {
$set: { ssn: "457-55-5462" }
})
{
update: "coll",
updates: [{
q:{},
u: {
$set: { ssn: BinData(6, "a10x…") }
}
}]
}
You see: MongoDB sees:
Update that overwrites value](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-26-320.jpg)
![#MDBLocal
db.coll.aggregate([{
$project: { name_ssn: {$concat: [ "$name", " - ", "$ssn" ] } }
}]
Aggregate acting on the data](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-27-320.jpg)
![#MDBLocal
Find with equality query
* For deterministic encryption
db.test.find(
{
$and: [
{
$or: [
{ ssn : { $in : [ "457-55-5462", "153-96-2097" ]} },
{ ssn: { $exists: false } }
]
},
{ name: "Doris" }
]
}
)
You see:](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-29-320.jpg)
![#MDBLocal
Find with equality query
* For deterministic encryption
MongoDB sees:
{
find: "coll",
filter: {
$and: [
{
$or: [
{ ssn : { $in : [ BinData(6, "a10x…"), BinData(6, "8dk1…") ]} },
{ ssn: { $exists: false } }
]
},
{ name: "Doris" }
]
}
}](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-30-320.jpg)
![#MDBLocal
{
name: "Doris"
ssn: "457-55-5462",
email: "Doris@gmail.com",
credit_card: "4690-6950-9373-8791",
comments: [ …. ],
avatar: BinData(0, "0fi8…"),
profile: { likes: {…}, dislikes: {…} }
}](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-48-320.jpg)
![#MDBLocal
Describes JSON
{
bsonType: "object",
properties: {
a: {
bsonType: "int"
maximum: 10
}
b: { bsonType: "string" }
},
required: ["a", "b"]
}
{
a: 5,
b: "hi"
}
{
a: 11,
b: false
}
JSON Schema](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-51-320.jpg)
![#MDBLocal
{
bsonType: "object",
properties: {
ssn: {
encrypt: { … }
}
},
required: ["ssn"]
}
JSON Schema "encrypt"](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-52-320.jpg)
![#MDBLocal
encrypt: {
keyId: <UUID[]> or <string>,
algorithm: <string>
bsonType: <string> or <string[]>
}
bsonType indicates the type of underlying data.
algorithm indicates how to encrypt (Random or Deterministic).
keyId indicates the key used to encrypt.](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-53-320.jpg)
![#MDBLocal
byte algorithm
byte[16] key_id
byte original_bson_type
byte* payload
Ciphertext](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-89-320.jpg)
![#MDBLocal
byte algorithm
byte[16] key_id
byte original_bson_type
byte* payload
key_id + algorithm describes how to decrypt.
No JSON Schema necessary!
Ciphertext](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-90-320.jpg)
![#MDBLocal
byte algorithm
byte[16] key_id
byte original_bson_type
byte* payload
Provides extra server-side validation.
But prohibits single-value types (MinKey, MaxKey, Undefined, Null) and Boolean
Ciphertext](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-91-320.jpg)
![#MDBLocal
byte algorithm
byte[16] key_id
byte original_bson_type
byte* payload
Payload includes encoded IV and padding block, and HMAC.
Ciphertext adds between 66 to 82 bytes of overhead.
Ciphertext](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-92-320.jpg)
![#MDBLocal
{
_id: UUID(…)
keyAltNames: [ "mykey" ],
keyMaterial: BinData(0, "39aJ…"),
… (some metadata) …
}
> db.keyvault.find()
Identify
(Cached locally only in memory)](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-94-320.jpg)
![#MDBlocal
Using Client Side
Encryption in MongoDB 4.2
[DEV/OPS]
Matthew Aylard
https://www.surveymonkey.com/r/KFB3PDD](https://image.slidesharecdn.com/115pmmjaclientsideencryptionlocal19b20190923-190925131506/85/MongoDB-local-London-2019-Using-Client-Side-Encryption-in-MongoDB-4-2-106-320.jpg)
MongoDB .local London 2019: Using Client Side Encryption in MongoDB 4.2
- 1. #MDBlocal Matthew Aylard Using Client Side Encryption in MongoDB 4.2 LONDON
- 3. #MDBLocal
- 4. #MDBLocal db.coll.insert({ _id: 1, name: "Doris", ssn: "457-55-5462" })
- 5. #MDBLocal
- 6. #MDBLocal doc = db.coll.find_one({ ssn: "457-55-5462" })
- 7. #MDBLocal
- 9. #MDBLocal { _id: 1 name: "Doris", ssn: "457-55-5462" }
- 10. #MDBLocal
- 11. #MDBLocal
- 12. #MDBLocal db.coll.insert({ name: "Doris", ssn: "457-55-5462" }) { insert: "coll", documents: [{ name: "Doris", ssn: BinData(6, "a10x…") }] } You see: MongoDB sees: Encrypt before sending
- 13. #MDBLocal { _id: 1 name: "Doris", ssn: BinData(6, "a10x…") } Driver receives: You see: { _id: 1 name: "Doris", ssn: "457-55-5462" } Decrypt after receiving
- 14. #MDBLocal How does this differ from…? •… encryption in-transit (TLS) •… encryption at-rest (encrypted storage engine)
- 15. #MDBLocal Attacker Query Client Disk insert write MongoDB Auth db.coll.insert({ name: "Doris", ssn: "457-55-5462" })
- 16. #MDBLocal Client Disk insert write MongoDB Attacker Snoop TLS db.coll.insert({ name: "Doris", ssn: "457-55-5462" })
- 17. #MDBLocal Client Disk insert write MongoDB Attacker insert TLS db.coll.insert({ name: "Doris", ssn: "457-55-5462" })
- 18. #MDBLocal Client Disk insert write MongoDB Attacker Steal ESE db.coll.insert({ name: "Doris", ssn: "457-55-5462" })
- 19. #MDBLocal Client Disk insert write MongoDB Attacker Login Client Side Encryption db.coll.insert({ name: "Doris", ssn: "457-55-5462" })
- 20. #MDBLocal Client Disk insert write MongoDB Boundaries of unencrypted data
- 21. #MDBLocal Client Disk insert write MongoDB … with Encrypted Storage Engine
- 23. #MDBLocal Client Disk insert write MongoDB with Client Side Encryption
- 24. #MDBLocal
- 26. #MDBLocal db.coll.update({}, { $set: { ssn: "457-55-5462" } }) { update: "coll", updates: [{ q:{}, u: { $set: { ssn: BinData(6, "a10x…") } } }] } You see: MongoDB sees: Update that overwrites value
- 27. #MDBLocal db.coll.aggregate([{ $project: { name_ssn: {$concat: [ "$name", " - ", "$ssn" ] } } }] Aggregate acting on the data
- 28. #MDBLocal Find with equality query * For deterministic encryption db.coll.find({ssn: "457-55-5462" }) { find: "coll", filter: { ssn: BinData(6, "a10x…") } } You see: MongoDB sees:
- 29. #MDBLocal Find with equality query * For deterministic encryption db.test.find( { $and: [ { $or: [ { ssn : { $in : [ "457-55-5462", "153-96-2097" ]} }, { ssn: { $exists: false } } ] }, { name: "Doris" } ] } ) You see:
- 30. #MDBLocal Find with equality query * For deterministic encryption MongoDB sees: { find: "coll", filter: { $and: [ { $or: [ { ssn : { $in : [ BinData(6, "a10x…"), BinData(6, "8dk1…") ]} }, { ssn: { $exists: false } } ] }, { name: "Doris" } ] } }
- 32. #MDBLocal
- 33. #MDBLocal
- 34. #MDBLocal Doris Private stuff in storage
- 35. #MDBLocal PoliceDoris Private stuff in storage
- 36. #MDBLocal Vault key Held only by you Vault
- 37. #MDBLocal
- 39. #MDBLocal
- 40. #MDBLocal { _id: 1, ssn: BinData(0, "A81…"), name: "Kevin" } { _id: 2, ssn: BinData(0, "017…"), name: "Eric" } { _id: 3, ssn: BinData(0, "5E1…"), name: "Albert" } …
- 41. #MDBLocal
- 42. #MDBLocal Destroy the key Provably delete all user data. GDPR "right-to-be-forgotten"
- 43. #MDBLocal
- 46. #MDBLocal One key for all vaults
- 47. #MDBLocal One key per vault
- 48. #MDBLocal { name: "Doris" ssn: "457-55-5462", email: "Doris@gmail.com", credit_card: "4690-6950-9373-8791", comments: [ …. ], avatar: BinData(0, "0fi8…"), profile: { likes: {…}, dislikes: {…} } }
- 49. #MDBLocal
- 50. #MDBLocal
- 51. #MDBLocal Describes JSON { bsonType: "object", properties: { a: { bsonType: "int" maximum: 10 } b: { bsonType: "string" } }, required: ["a", "b"] } { a: 5, b: "hi" } { a: 11, b: false } JSON Schema
- 52. #MDBLocal { bsonType: "object", properties: { ssn: { encrypt: { … } } }, required: ["ssn"] } JSON Schema "encrypt"
- 53. #MDBLocal encrypt: { keyId: <UUID[]> or <string>, algorithm: <string> bsonType: <string> or <string[]> } bsonType indicates the type of underlying data. algorithm indicates how to encrypt (Random or Deterministic). keyId indicates the key used to encrypt.
- 54. #MDBLocal opts = AutoEncryptionOptions( schema_map = { "db.coll": <schema> } …) Client side Schema
- 55. #MDBLocal Remote Schema Fallback db.createCollection("coll", { validator: { $jsonSchema: … } } ) Misconfigured Client insert "457-55-5462" error, that should be encrypted MongoDB
- 56. #MDBLocal What if … the server lies about the schema? Misconfigured Client insert "457-55-5462" Evil MongoDB ok :)
- 58. #MDBLocal
- 59. #MDBLocal Key vault Key vault key Held only by you
- 60. #MDBLocal
- 61. #MDBLocal
- 63. #MDBLocal opts = AutoEncryptionOptions( schema_map = { "db.coll": <schema> }, key_vault_namespace = "db.keyvault" …)
- 65. #MDBLocal What if … attacker drops key vault collection?
- 66. #MDBLocal Keep at home opts = AutoEncryptionOptions( schema_map = { "db.coll": <schema> }, key_vault_namespace = "db.keyvault", key_vault_client = <client> …)
- 68. #MDBLocal
- 70. #MDBLocal Protects keys Stores keys KMS Key vault key Key vault Key vault collection
- 72. #MDBLocal opts = AutoEncryptionOptions( schema_map = { "db.coll": <schema> }, key_vault_namespace = "db.keys", kms_providers = <creds> …)
- 74. #MDBLocal
- 75. #MDBLocal db.coll.insert({ name: "Doris", ssn: "457-55-5462" }) Get encrypted key Decrypt the key with KMSDecrypt the key with KMS Encrypt 457-55-5462 Send insert Compare to JSON schema
- 76. #MDBLocal
- 77. #MDBLocal
- 78. #MDBLocal Authenticated Encryption with Associated Data using the Advanced Encryption Standard (256) with Cipher Block Chaining and Hashed-based Message Authentication Code using the Secure Hash Algorithm (512).
- 81. #MDBLocal coll.insert({ ssn: "457-55-5462" }) { ssn: BinData(6, "a10x…") } You see: MongoDB stores: coll.insert({ ssn: "457-55-5462" }) { ssn: BinData(6, "f991…") } …Random
- 82. #MDBLocal coll.insert({ ssn: "457-55-5462" }) { ssn: BinData(6, "a10x…") } You see: MongoDB stores: coll.insert({ ssn: "457-55-5462" }) { ssn: BinData(6, "a10x…") } …Deterministic
- 83. #MDBLocal Can be queried doc = db.coll.find({ ssn: "457-55-5642" }) { find: "coll", filter: { ssn: BinData(0, "a10x…") } } Driver sends: { ssn: BinData(6, "a10x…") } MongoDB returns: …Deterministic
- 84. #MDBLocal Only for binary comparable types. db.coll.find({ a: { b: 1.0 } }) { a: { b: NumberInt(1) } } { a: { b: 1.0 } } { a: { b: NumberLong(1) } } MongoDB returns: …Deterministic
- 85. #MDBLocal { a: { b: NumberInt(1) } } { a: { b: 1.0 } } { a: { b: NumberLong(1) } } { a: BinData(6, "19d0…") } { a: BinData(6, "b515…") } { a: BinData(6, "801f…") } Encrypted as:
- 86. #MDBLocal db.coll.find({ a: { b: 1.0 } }) { a: { b: 1.0 } } MongoDB returns: "a" encrypted
- 87. #MDBLocal
- 88. #MDBLocal { ssn: BinData(6, "AWNkTYTCw89Ss1DPzV3/2pSRDNGNJ9NB" } New binary subtype Older drivers and older MongoDB will treat as a black box.
- 89. #MDBLocal byte algorithm byte[16] key_id byte original_bson_type byte* payload Ciphertext
- 90. #MDBLocal byte algorithm byte[16] key_id byte original_bson_type byte* payload key_id + algorithm describes how to decrypt. No JSON Schema necessary! Ciphertext
- 91. #MDBLocal byte algorithm byte[16] key_id byte original_bson_type byte* payload Provides extra server-side validation. But prohibits single-value types (MinKey, MaxKey, Undefined, Null) and Boolean Ciphertext
- 92. #MDBLocal byte algorithm byte[16] key_id byte original_bson_type byte* payload Payload includes encoded IV and padding block, and HMAC. Ciphertext adds between 66 to 82 bytes of overhead. Ciphertext
- 93. #MDBLocal
- 94. #MDBLocal { _id: UUID(…) keyAltNames: [ "mykey" ], keyMaterial: BinData(0, "39aJ…"), … (some metadata) … } > db.keyvault.find() Identify (Cached locally only in memory)
- 95. #MDBLocal
- 96. #MDBLocal
- 97. #MDBLocal
- 98. #MDBLocal
- 99. #MDBLocal
- 102. #MDBLocal EAST DICTATORLAND { _id: 1, body: BinData(6, "A81…") } { _id: 2, body: BinData(6, "017…") } { _id: 3, body: BinData(6, "5E1…") } …
- 103. #MDBLocal
- 104. Demo
- 105. THANK YOU
- 106. #MDBlocal Using Client Side Encryption in MongoDB 4.2 [DEV/OPS] Matthew Aylard https://www.surveymonkey.com/r/KFB3PDD