You are viewing an offline version of MongoDB documentation. Some page features might be unavailable. To view the latest version of the page or use interactive features, visit the live page.
CSFLE Cryptographic Primitives
MongoDB's Queryable Encryption feature is available (GA) in MongoDB 7.0 and later. To learn more about Queryable Encryption and compare its benefits with Client-Side Field Level Encryption, see Queryable Encryption.
MongoDB encrypts all fields in CSFLE with the AEAD AES-256-CBC encryption algorithm.
If you specify deterministic encryption for a field, your application passes a deterministic initialization vector to AEAD.
If you specify random encryption for a field, your application passes a random initialization vector to AEAD.
Note
Authenticated Encryption
MongoDB CSFLE uses the encrypt-then-MAC approach to perform authenticated encryption. MongoDB CSFLE uses the HMAC-SHA-512 algorithm to generate your MAC.