- Type: Improvement
- Resolution: Unresolved
- Priority: Major - P3
- Affects Version/s: None
- Component/s: Queryable Encryption
- Server Security
- Security 2024-07-08, Security 2024-07-22, Security 2024-08-05, Security 2024-08-19, Security 2024-09-02, Security 2024-09-16, Security 2024-09-30, Security 2024-10-14, Security 2024-10-28, Security 2024-11-11, Security 2024-11-25
Scope
Add encryption parameters to QE payloads intended for the server. contentionFactor is already present in payloads. Add: min, max, trimFactor, sparsity, precision to the range payloads:
- FLE2InsertUpdatePayloadV2
- FLE2FindRangePayloadV2.
Reject incoming QE payloads created with values differing from the server's encryptedFields.
Background & Motivation
If a QE payload is generated with parameters that do not match the server, the server may quietly accept the values. This may result in incorrect query responses.
Here is a runnable example. Relevant snippet:
```python
from pymongo.encryption import Algorithm, QueryType

# db, client_encryption, key_id and encrypted_fields are set up in the full example.

# Create the collection with contention_factor=1
coll = db.create_collection("coll", encryptedFields=encrypted_fields)

# Insert with contention_factor=2
payload = client_encryption.encrypt(
    "foo", Algorithm.INDEXED, key_id, contention_factor=2
)
coll.insert_one({"encrypted": payload})  # No error!

# Find with contention_factor=1
find_payload = client_encryption.encrypt(
    "foo",
    Algorithm.INDEXED,
    key_id,
    query_type=QueryType.EQUALITY,
    contention_factor=1,
)
doc = coll.find_one({"encrypted": find_payload})
print(f"Got document: {doc}")  # Sometimes 'None'!
```
See Safeguard mismatched encryption parameters for a further description.
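The rejection rule proposed under Scope, modelled in Python as an added example (not MongoDB server code and not part of the ticket). It assumes payloads are already decoded into dicts keyed by contentionFactor, min, max, trimFactor, sparsity and precision, and that encryptedFields states every parameter explicitly, so defaults are not modelled. The function and class names are hypothetical.

```python
# Added illustration: a simplified model of the proposed server-side check.
# The payload-side key names and all function names are assumptions, not the
# wire format of FLE2InsertUpdatePayloadV2 / FLE2FindRangePayloadV2.
RANGE_PARAMS = ("min", "max", "trimFactor", "sparsity", "precision")


class ParameterMismatch(ValueError):
    """Raised when a payload was built with parameters the server does not expect."""


def expected_params(encrypted_fields, path, query_type):
    """Return the parameters configured in encryptedFields for path/query_type."""
    for field in encrypted_fields.get("fields", []):
        if field.get("path") != path:
            continue
        for query in field.get("queries", []):
            if query.get("queryType") == query_type:
                expected = {"contentionFactor": query.get("contention")}
                if query_type == "range":
                    expected.update({k: query.get(k) for k in RANGE_PARAMS})
                return expected
    raise ParameterMismatch(f"{path!r} is not configured for {query_type!r} queries")


def validate_payload(encrypted_fields, path, query_type, payload_params):
    """Reject the payload if any parameter differs from encryptedFields."""
    expected = expected_params(encrypted_fields, path, query_type)
    diffs = {
        name: (payload_params.get(name), want)
        for name, want in expected.items()
        if payload_params.get(name) != want
    }
    if diffs:
        detail = ", ".join(f"{k}: payload={got!r} server={want!r}"
                           for k, (got, want) in sorted(diffs.items()))
        raise ParameterMismatch(f"{path!r}: {detail}")


# Constructed sample configuration, matching the snippet above (contention 1).
SAMPLE_FIELDS = {"fields": [
    {"path": "encrypted", "bsonType": "string",
     "queries": [{"queryType": "equality", "contention": 1}]},
    {"path": "age", "bsonType": "int",
     "queries": [{"queryType": "range", "contention": 1, "min": 0, "max": 200,
                  "trimFactor": 1, "sparsity": 2}]},
]}
```

With this check in place, the insert from the snippet (contention factor 2 against a collection configured with 1) fails with an error instead of being stored.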
- has to be done after SERVER-91889 Add parameter placeholders in QE payloads (Closed)