Docs Menu

/

/

/

/

In-Use Encryption

/

Client-Side Field Level Encryption

/

Cryptographic Primitives

The next-generation Queryable Encryption feature is now in Public Preview. To learn more about Queryable Encryption, see Queryable Encryption.

MongoDB encrypts all fields in CSFLE with the AEAD AES-256-CBC encryption algorithm.

If you specify deterministic encryption for a field, your application passes a deterministic initialization vector to AEAD.
If you specify random encryption for a field, your application passes a random initialization vector to AEAD.

Note

Authenticated Encryption

MongoDB CSFLE uses the encrypt-then-MAC approach to perform authenticated encryption. MongoDB CSFLE uses the HMAC-SHA-512 algorithm to generate your MAC.

Back

How CSFLE Decrypts Documents

Next

Install and Configure mongocryptd