Queryable Encryption is generally available (GA) in MongoDB 7.0. To learn more, see Queryable Encryption.
This version of the documentation is archived and no longer supported. To upgrade your 6.0 deployment, see the MongoDB 7.0 upgrade procedures.
MongoDB encrypts all fields in CSFLE with the AEAD AES-256-CBC encryption algorithm.
If you specify deterministic encryption for a field, your application passes a deterministic initialization vector to AEAD.
If you specify random encryption for a field, your application passes a random initialization vector to AEAD.
Note
Authenticated Encryption
MongoDB CSFLE uses the encrypt-then-MAC approach to perform authenticated encryption. MongoDB CSFLE uses the HMAC-SHA-512 algorithm to generate your MAC.