Brown CS News

Kamara, Moataz, And MongoDB’s “Queryable Encryption” Lets Data Stay Protected During Search

    Click the links that follow for more news about Seny Kamara, Tarik Moataz, and other recent accomplishments by Brown CS faculty and alums.

    Last month, MongoDB announced a new feature called “Queryable Encryption” that it says is a major step forward in the realm of data security. The feature will make MongoDB, which was co-founded by Brown CS alum Eliot Horowitz, the first company to enable users to search a database while the data itself remains encrypted, preventing malicious parties from accessing it.

    The foundations of Queryable Encryption sprung out of the research of Brown CS Professor Seny Kamara and Visiting Scientist Tarik Moataz in structured encryption, which examines how data can be arranged so that users can locate and manipulate desired information without decrypting it (and thus compromising security). Together with entrepreneur John Partridge, Seny and Tarik founded Aroki Systems, a cryptography  startup that incorporated their research to build a marketable product. In 2019, Aroki began a partnership with MongoDB that culminated in an acquisition of Aroki in 2021. 

    Because much of Seny and Tarik’s research is theoretical, figuring out how to integrate it into a practical, large-scale system presented a separate challenge. An important breakthrough, they say, was the invention of emulation, a technique that allowed them to execute their encrypted search algorithms on any pre-existing data platform . Through emulation, Seny and Tarik were able to integrate their algorithms  into real-world and large-scale data platforms like MongoDB, bridging the gap between theory and practice.

    These advancements could have vast implications for the future of data security. Traditionally, data is encrypted when it’s transported or stored, preventing attackers from gaining access to it when it’s not being used. But data exists to be used, and once it’s accessed (usually by the entity for which it was intended), it immediately becomes vulnerable. With Queryable Encryption, however, authorized users will be able to use data to address their various needs without decrypting it, preventing attackers from accessing it even while it’s available for its intended purposes.

    Though MongoDB’s Queryable Encryption has only recently been announced, this new feature and the research that underlies it will secure huge swaths of real-world data and has the potential to fundamentally change how industry stores and processes data.

    For more information, click the link that follows to contact Brown CS Communications Manager Jesse C. Polhemus.