“SQL Server has had this feature since 2016 (Always Encrypted).”
Always Encrypted is only client side not server side encryption…correct?
Compare to Queryable Encryption…
Data encrypted throughout its lifecycle: Queryable Encryption adds another layer of security for your most sensitive data, where data remains secure in-transit, at-rest, in memory, in logs, and in backups. Additionally, Queryable Encryption encrypts data as fully randomized on the server-side.
Queryable Encryption and Always Encrypted are not comparable…
More limitations of Always Encrypted…
5 LESSONS LEARNED WITH SQL ALWAYS ENCRYPTED
https://www.imaginet.com/2020/lessons-learned-sql-always-enc…
snip…
- Columns Double in Size
You can expect the size of the columns you encrypt to roughly double. Depending on the number of columns you need to encrypt and the data type of those columns, this may be significant. We found this to be the most problematic with one customer that stores documents in their database as varbinary data. The database doubled in size when the document column was encrypted.
A list of Always Encrypted limitations from Microsoft…
https://docs.microsoft.com/en-us/sql/relational-databases/se….
Always Encrypted isn’t supported for the columns with the below characteristics. For example, if any of the following conditions apply to the column, the ENCRYPTED WITH clause can’t be used in CREATE TABLE/ALTER TABLE for a column:
- Columns using one of the following data types: xml, timestamp/rowversion, image, ntext, text, sql_variant, hierarchyid, geography, geometry, alias, user defined-types.
- FILESTREAM columns
- Columns with the IDENTITY property.
- Columns with ROWGUIDCOL property.
- String (varchar, char, etc.) columns with non-bin2 collations.
- Columns that are keys for clustered and nonclustered indices when using randomized encryption (deterministic encryption is supported).
- Columns included in full-text indexes (Always Encrypted does not support Full Text Search).
- Computed columns.
- Columns referenced by computed columns (when the expression does unsupported operations for Always Encrypted).
- Sparse column set.
- Columns that are referenced by statistics when using randomized encryption (deterministic encryption is supported).
- Columns using alias types.
- Partitioning columns.
- Columns with default constraints.
- Columns referenced by unique constraints when using randomized encryption (deterministic encryption is supported).
- Primary key columns when using randomized encryption (deterministic encryption is supported).
- Referencing columns in foreign key constraints when using randomized encryption or when using deterministic encryption, if the referenced and referencing columns use different keys or algorithms.
- Columns referenced by check constraints.
- Columns captured/tracked using change data capture.
- Primary key columns on tables that have change tracking.
- Columns that are masked (using Dynamic Data Masking).
- Columns in Stretch Database tables. (Tables with columns encrypted with Always Encrypted can be enabled for Stretch.)
- Columns in external (PolyBase) tables (note: using external tables and tables with encrypted columns in the same query is supported).
- Table-valued parameters targeting encrypted columns aren’t supported.
MongoDB Queryable Encryption Preview:
https://www.mongodb.com/blog/post/mongodb-releases-queryable…
Current state and challenges around data security
Although existing encryption solutions (in-transit and at-rest) cover many regulatory use cases, none of them protects sensitive data while it is in use. In-use data encryption often is a requirement for high-sensitivity workloads for customers in financial services, healthcare, and critical infrastructure organizations. Currently, challenges around in-use encryption technologies include:
- In-use encryption is highly complex, involving custom code from the application side in order to encrypt, process, filter, and decrypt the data to show it to the users. It also involves managing encryption keys in order to encrypt/decrypt the data.
- Developers need cryptography experience in order to design a secure encryption solution.
- Current solutions have limited or no querying capabilities, which makes using encrypted data in applications difficult.
- Some of the existing tools, such as homomorphic encryption or secure enclaves have performance unsuited to scalable encrypted search, require proprietary hardware, or have uncertain security properties.
Introducing Queryable Encryption
Queryable Encryption removes operational heavy-lifting, resulting in faster app development without sacrificing data protection, compliance, and data privacy security requirements.
[Figure: diagram of how Queryable Encryption works]
Here is a sample flow of operations in which an authenticated user wants to query the data, but now the user is able to query on fully randomly encrypted data. In this example, let’s assume we are retrieving the SSN number of a user.
1. When the application submits the query, MongoDB drivers first analyze the query.
2. Recognizing the query is against an encrypted field, the driver requests the encryption keys from the customer-provisioned key provider, such as AWS Key Management Service (AWS KMS), Google Cloud KMS, Azure Key Vault, or any KMIP-enabled provider, such as HashiCorp Vault.
3. The driver submits the query to the MongoDB server with the encrypted fields rendered as ciphertext.
4. Queryable Encryption implements a fast, searchable scheme that allows the server to process queries on fully encrypted data, without knowing anything about the data. The data and the query itself remain encrypted at all times on the server.
5. The MongoDB server returns the encrypted results of the query to the driver.
6. The query results are decrypted with the keys held by the driver and returned to the client and shown as plaintext.
Advantages of Queryable Encryption
- Rich querying capabilities on encrypted data: MongoDB is the only database provider that allows customers to run rich query expressions like range, equality, prefix, suffix, and more on encrypted data. (Equality search is in the Preview release and the rest will follow in future releases.) This is a huge advantage for customers as they can run expressive queries while securing their data confidently.
- Data encrypted throughout its lifecycle: Queryable Encryption adds another layer of security for your most sensitive data, where data remains secure in-transit, at-rest, in memory, in logs, and in backups. Additionally, Queryable Encryption encrypts data as fully randomized on the server-side.
- Strong technical controls for critical data privacy use cases: Strong technical controls allow customers to meet the strictest data privacy requirements for confidentiality and integrity using standards-based cryptography. Customers maintain control of encryption keys at all times, and data encryption/decryption happens only on the client-side. This guarantees that only authorized users with access to the client-side application and the encryption keys are able to see the plaintext data. These strong controls can help customers meet data privacy requirements mandated by HIPAA, GDPR, CCPA, and more.
- Faster application development: Developers don’t need to be experts in cryptography to protect data with the highest levels of confidentiality and integrity. Unlike an SDK, where the wrong design choice could lead to weakened security, Queryable Encryption is a comprehensive encryption solution using standards-based cryptography and strong key management built-in. It is easy to set up and is supported on popular MongoDB drivers.
- Reduce institutional risk: Customers who are migrating to the cloud can confidently store their more sensitive data in MongoDB Atlas. Queryable Encryption allows customers to maintain control of their data while allowing rich, expressive querying capabilities on fully randomized encrypted data.
MongoDB enables strong security defaults to ensure that security configurations such as authentication, authorization, in-transit and at-rest encryption are always on, to make it easy for customers to develop and focus on their business needs. Queryable Encryption adds another layer of security, which is a strong form of technical control enabling our customers to protect data throughout its lifecycle, and you’ll have the ability to run rich queries on the encrypted data.
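An added example, not part of the comment above or of Microsoft's or MongoDB's code: a toy model of why the quoted Always Encrypted limitations allow index keys, unique constraints and foreign keys only with deterministic encryption under one shared key. The HMAC-based cipher, the keys and the SSN values are constructed stand-ins (assumptions), not the AES scheme SQL Server uses.

```python
import hashlib
import hmac
import os

def _prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    # Toy stream cipher (HMAC-SHA256 in counter mode); a stand-in, not real AES.
    blocks = (_prf(key, iv + i.to_bytes(4, "big")) for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def encrypt(key: bytes, plaintext: bytes, deterministic: bool) -> bytes:
    enc_key, iv_key = _prf(key, b"enc"), _prf(key, b"iv")
    # Deterministic: IV derived from the plaintext, so equal values encrypt equally.
    # Randomized: fresh IV per call, so equal values never look alike.
    iv = _prf(iv_key, plaintext)[:16] if deterministic else os.urandom(16)
    stream = _keystream(enc_key, iv, len(plaintext))
    return iv + bytes(p ^ s for p, s in zip(plaintext, stream))

def decrypt(key: bytes, blob: bytes) -> bytes:
    iv, body = blob[:16], blob[16:]
    stream = _keystream(_prf(key, b"enc"), iv, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

def server_lookup(stored, probe):
    # The server holds no key: an index seek, unique check or join is a
    # byte-for-byte comparison of ciphertexts.
    return [row for row, cell in enumerate(stored) if cell == probe]

def demo() -> dict:
    key_a, key_b = b"A" * 32, b"B" * 32                       # constructed keys
    ssns = [b"123-45-6789", b"987-65-4321", b"123-45-6789"]   # constructed rows
    det = [encrypt(key_a, s, True) for s in ssns]
    rnd = [encrypt(key_a, s, False) for s in ssns]
    probe = b"123-45-6789"
    return {
        "deterministic": server_lookup(det, encrypt(key_a, probe, True)),
        "randomized": server_lookup(rnd, encrypt(key_a, probe, False)),
        "other_key": server_lookup(det, encrypt(key_b, probe, True)),
        "roundtrip": decrypt(key_a, rnd[0]),
        # Cost of determinism: the server can see that rows 0 and 2 match.
        "duplicates_visible": det[0] == det[2],
    }

if __name__ == "__main__":
    print(demo())
```

The empty `other_key` result corresponds to the foreign-key limitation for columns that use different keys, and `duplicates_visible` is the equality leak that randomized encryption avoids.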