After several years With data breaches, leaks and hacks leaving the world in desperate need of tools to stop the illegal flow of sensitive personal data, a key achievement is on the horizon.
On Tuesday, MongoDB is announcing “encryption with a challenge,” a feature that will allow database users to search their data while it remains encrypted. The tool, which debuts in preview as part of MongoDB 6.0, attempts to tie scientific discoveries in cryptography to real world environments so that users can use the feature without the need for advanced theoretical knowledge. It is important to note that Queryable Encryption is designed to work with existing databases and does not require users to redesign their systems before they can take advantage of it.
Institutions from businesses to governments, healthcare facilities and critical infrastructure already rely on encryption to make data indecipherable (and therefore not worth stealing) as it travels across networks or stored in storage. But none of this protects data when it is actively used for legitimate purposes, such as when viewing patient medical records or setting up car rental bookings. This means that an attacker, including a fraudulent employee, could potentially gain access to data in the same way that a doctor or customer service agent would. It’s a nut everyone wants to crack and the database maker MongoDB has been work on possible solutions for years. Now, the company says it has it.
“This is exactly what customers want. We work with the biggest banks, pension schemes, treasury exchanges, payment networks, pizza chains – and everyone needs stronger guarantees,” says Kenn White, head of security for MongoDB. “And because of some practical engineering breakthroughs, it has gone from being an academic thing to something that can actually work with large databases.”
Queryable Encryption can allow a banking agent to examine your account for possible fraud on different days, without knowing which dates were flagged by the system. Or it might allow the service representative to enter the first few letters of the name and start the claim process, leaving the name scrambled and unintelligible.
Many of these breakthroughs were made by Brown University cryptographer Seni Qamar and his longtime collaborator Tariq Moataz. A few years ago, the couple co-founded a searchable encrypted database startup known as Aroki Systems with entrepreneur John Partridge. Aroki collaborated with MongoDB on database security issues. peculiarity, announced in 2019, while Kamara and Moataz continued to prototype a truly searchable encrypted database. In 2021, MongoDB acquired Aroki.
The Queryable Encryption system is built using a combination of established cryptographic protocols and conceptual advances that Kamara and Moataz have been working on for years in the field of cryptography known as structured encryption. The approach involves encrypting the data with a specific architecture so that it can be searched with special tokens specific to each request without decrypting the data. Other methods such as homomorphic encryption allow users to perform calculations on encrypted data, such as adding two columns to an encrypted spreadsheet. But structured encryption is specifically focused on organizing encrypted data so that it can be found without exposing the data itself.
“Our focus is not on how to do arithmetic on encrypted data, but on how to find information quickly — very, very quickly,” says Kamara, who is currently on leave from his position as an adjunct professor at Brown.
Speed is a challenge in encrypted operations, where each additional key check and calculation adds complexity to the underlying operations. But MongoDB claims that lookups performed with Queryable Encryption are impressively fast and won’t incur unreasonable performance hits—a claim that customers will be able to test for themselves with the new preview. MongoDB also makes much of the Queryable Encryption system open source, so users and other researchers can test the underlying cryptography.
“Most of the work is theoretical, algorithms, definitions of crypto security, but personally I want something to come out of it,” Camara says. “There is a social imperative behind the work of scientists. By working with a company the size of Mongo, this will be available to a huge number of people, a huge number of workloads.”
Moataz and Kamara point out that Aroki’s big breakthrough, which allowed them to take their ideas about structured encryption from academia to the real world, was their approach to using emulation as a way to use structured encryption properties with existing databases that are designed differently. Like emulating Super Nintendo games on your PC or emulating Windows on a Mac, this approach creates a threshold space where structured encryption can run on top of traditional databases.
However, Kamara and Moataz emphasize that collaborating with the MongoDB engineers and turning the Aroki Systems prototype into something that can actually be deployed at scale around the world was a challenge and a learning process.
“Seni and I have learned a lot about the limitations of real deployments that scientists know nothing about,” says Moataz. “Models in academia are less strict. So we’re enjoying it and improving our models and designs with these limitations in mind.”
While Tuesday’s release will be the first time the public has been able to test Queryable Encryption in the wild, Aroki Systems commissioned cryptographer JP Aumasson to conduct technical due diligence on the cryptographic underpinnings of their prototype system. In addition, MongoDB brought in University of Chicago cryptographer and searchable encryption researcher David Cash for an early look. Both told WIRED that while they did not test the deployment of the entire system, the underlying cryptography appears to be secure. And they both stress that it’s great to see a real searchable encryption scheme take shape after such a long time.
“A lot of the cryptographic research since the 1980s has focused on how we do it, so it’s a long time coming,” Cash says. “Everything in crypto is trade-offs and the world is complicated, so it’s important to be careful with absolute statements, but that this vision is realized in one form or another is very interesting. And this is not snake oil or security theater at all. They go deep into it and think carefully about the important things. ”
Aumasson says that many others claim to offer searchable encryption, but no technical depth or capability. “There were other products promoting encrypted search, but scientists would really laugh at them,” he says. “What Mongo is doing is academic and I’m very happy to see that.”
Credit: www.wired.com /