Jarvis

Reputation: 45

MongoDB Field Encryption

I am trying to set up a system where I can have a collection of users with encrypted fields and do a search on those fields.

I have tried looking in the MongoDB documentation, but there is no clear route.

I want to have something like this

{
    fname : "John",
    lname : "Smith",
    ssn : "555-55-5555"
}

look like this

{
    fname : "John",
    lname : "Smith",
    ssn : "fweiubv3b443hbv4f48h"
}

then be able to do a search like

db.users.find({ssn : "555-55-5555"})

The goal is to have a schema run and create the collection

db.createCollection("user", {
    "validator": {
       "$jsonSchema": {
           ....
});

Upvotes: 1

Views: 364

Answers (1)

Luke Joshua Park

Reputation: 9795

A common strategy to solve this problem requires two fields on the model. One is a hash, the other is the result of encryption.

Taking your SSN example:

Storing

  • Take the plaintext SSN and HMAC it using key1.
  • Take the plaintext SSN and encrypt it using an AEAD mode like GCM with key2.
  • Store the hash and encryption result in the database document or whatever. Names like ssn_hash and ssn_enc might be appropriate.

Looking Up

  • Take the SSN you are searching for and HMAC it using key1.
  • Perform a lookup on ssn_hash for the result above.

Getting Plaintext

  • Look up the database document however.
  • Decrypt ssn_enc with key2.

Upvotes: 1
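
The storing, lookup and decryption steps from the answer above, as an added Node.js example that is not the answerer's code. It assumes HMAC-SHA-256 for ssn_hash and AES-256-GCM for ssn_enc; the helper names, the digit-only normalisation and the in-memory `users` array standing in for the collection are hypothetical.

```javascript
// Added example: blind index (HMAC) plus AES-256-GCM for one searchable encrypted field.
const crypto = require('node:crypto');

// Constructed demo keys. In practice key1 and key2 are independent secrets loaded
// from a KMS or secret store, never generated per process or kept in the database.
const key1 = crypto.randomBytes(32); // HMAC key for ssn_hash
const key2 = crypto.randomBytes(32); // AES-256-GCM key for ssn_enc

// Hypothetical helper: normalise so "555-55-5555" and "555555555" index identically.
function normalizeSsn(ssn) {
  return ssn.replace(/\D/g, '');
}

// Deterministic keyed hash: equal SSNs give equal values, so equality search works.
function blindIndex(ssn) {
  return crypto.createHmac('sha256', key1).update(normalizeSsn(ssn)).digest('hex');
}

// Randomised encryption: fresh 96-bit nonce per call; store nonce || tag || ciphertext.
function encryptSsn(ssn) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key2, iv);
  const ct = Buffer.concat([cipher.update(ssn, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64');
}

function decryptSsn(blob) {
  const raw = Buffer.from(blob, 'base64');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key2, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  // final() throws if the tag does not verify (tampered data or wrong key).
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString('utf8');
}

// Storing: the document to insert.
function toStoredUser(fname, lname, ssn) {
  return { fname, lname, ssn_hash: blindIndex(ssn), ssn_enc: encryptSsn(ssn) };
}

// Looking up: the filter to pass to db.users.find(...).
function ssnFilter(ssn) {
  return { ssn_hash: blindIndex(ssn) };
}

// Constructed sample data standing in for the collection.
const users = [toStoredUser('John', 'Smith', '555-55-5555')];
const hit = users.find((u) => u.ssn_hash === ssnFilter('555-55-5555').ssn_hash);
console.log(hit.ssn_hash, decryptSsn(hit.ssn_enc));
```

The HMAC is deterministic, so ssn_hash reveals which documents share an SSN. Because SSNs have only about a billion possible values, key1 needs the same protection as key2.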
