Data at Rest Encryption

Data at rest encryption for the WiredTiger storage engine was introduced in MongoDB Enterprise version 3.2. It ensures that the data files on disk can only be decrypted and read by parties holding the decryption key.

Important

Limitations

Data encryption at rest in Percona Server for MongoDB does not encrypt backups created by the mongodump or mongoexport utilities, the audit log, the general log, or diagnostic data. Hot backups, however, are encrypted.

Differences from Upstream

Although data encryption at rest in Percona Server for MongoDB accepts options similar to those of MongoDB Enterprise, the Percona Server for MongoDB binary is not a drop-in replacement for mongod from MongoDB Enterprise. In the current release, data encryption at rest in Percona Server for MongoDB does not support KMIP, HashiCorp Vault, or Amazon AWS key management services; the key must be supplied in a local key file.

Encrypting Rollback Files

Starting from version 3.6, Percona Server for MongoDB also encrypts rollback files when data at rest encryption is enabled. To inspect the contents of these files, decrypt them with perconadecrypt, a command-line tool that is run as follows:

$ perconadecrypt --encryptionKeyFile FILE  --inputPath FILE --outputPath FILE [--encryptionCipherMode MODE]

When decrypting, the cipher mode must match the cipher mode which was used for the encryption. By default, the --encryptionCipherMode option uses the AES256-CBC mode.

Parameters of perconadecrypt

Option                  Purpose
--encryptionKeyFile     The path to the encryption key file
--encryptionCipherMode  The cipher mode for decryption. The supported values are AES256-CBC and AES256-GCM; the default is AES256-CBC
--inputPath             The path to the encrypted rollback file
--outputPath            The path to save the decrypted rollback file
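
The following shell functions are an added example, not part of the Percona documentation or of perconadecrypt itself. They show the practical consequence of the cipher-mode rule above: instead of passing the mode by hand, read encryptionKeyFile and encryptionCipherMode from the same mongod configuration file the server was started with, fall back to AES256-CBC when the mode is not set (the default of both mongod and perconadecrypt), and refuse to run when enableEncryption is not true, since then the rollback files were never encrypted. conf_value is a minimal "key: value" line matcher for the flat security: block shown on this page, not a YAML parser; the DRY_RUN variable is an assumption of this example.

```shell
#!/bin/sh
# Added example, not Percona's code. Decrypt a rollback file with perconadecrypt
# using the key file and cipher mode that mongod was actually configured with.

# Print the value of "<key>: <value>" from config file $1, or nothing if unset.
# Minimal line matcher for the flat "security:" block; not a YAML parser.
conf_value() {
    sed -n "s/^[[:space:]]*$2:[[:space:]]*\([^[:space:]#]*\).*/\1/p" "$1" | head -n 1
}

# Usage: decrypt_rollback <mongod.conf> <encrypted rollback file> <output file>
# With DRY_RUN=1 the resolved perconadecrypt command is printed instead of run
# (DRY_RUN is an assumption of this example, not a perconadecrypt option).
decrypt_rollback() {
    conf=$1; input=$2; output=$3

    # Rollback files are only encrypted when encryption is enabled; there is
    # nothing to decrypt otherwise.
    if [ "$(conf_value "$conf" enableEncryption)" != true ]; then
        echo "enableEncryption is not true in $conf; rollback files are not encrypted" >&2
        return 1
    fi

    keyfile=$(conf_value "$conf" encryptionKeyFile)
    if [ -z "$keyfile" ]; then
        echo "encryptionKeyFile is not set in $conf" >&2
        return 1
    fi

    # The cipher mode must match the one used for encryption. When the config
    # omits it, mongod used its default AES256-CBC, so pass that explicitly
    # rather than relying on perconadecrypt's own default.
    mode=$(conf_value "$conf" encryptionCipherMode)

    set -- perconadecrypt --encryptionKeyFile "$keyfile" --inputPath "$input" \
           --outputPath "$output" --encryptionCipherMode "${mode:-AES256-CBC}"
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}
```

Run it as `decrypt_rollback /etc/mongod.conf /var/lib/mongodb/rollback/<file>.bson /root/rollback-plain.bson`; the decrypted output is plaintext, so write it somewhere with the same access restrictions as the key file and delete it when the inspection is done.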

Important Configuration Options

Percona Server for MongoDB supports the encryptionCipherMode option where you choose one of the following cipher modes:

  • AES256-CBC
  • AES256-GCM

By default, the AES256-CBC cipher mode is applied. The following example demonstrates how to apply the AES256-GCM cipher mode when starting the mongod service:

$ mongod ... --encryptionCipherMode AES256-GCM

Percona Server for MongoDB also supports the options exposed by MongoDB Enterprise:

  • --enableEncryption to enable data at rest encryption
  • --encryptionKeyFile to specify the path to a file that contains the encryption key

$ mongod ... --enableEncryption --encryptionKeyFile <fileName>

The key file must contain a 32-byte (256-bit) key encoded in base64, which makes the encoded file 44 characters long. You can generate a random key and save it to a file by using the openssl command:

$ openssl rand -base64 32 > mongodb-keyfile

Then, as the owner of the mongod process, restrict the file permissions so that only the owner can read and modify the file. The effective permissions set with the chmod command must be either 600 (only the owner may read and modify the file) or 400 (only the owner may read the file).

$ chmod 600 mongodb-keyfile

If mongod is started with the --relaxPermChecks option and the key file is owned by root, mongod may also read the file through the group permission bits. The effective key file permissions in this case are either 440 (the owner and the group may only read the file) or 640 (the owner may read and modify the file, the group may only read it). This allows the key file to stay owned by root while mongod runs as an unprivileged user that is a member of the file's group.
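The shell functions below are an added example, not Percona's code, covering the whole key file procedure above in one place: generate the key with the file unreadable by others from the moment it is created, confirm that it really decodes to 32 bytes, and check the permission bits the same way the text describes them, including the root-owned, group-readable case that --relaxPermChecks allows. They assume a POSIX shell with openssl(1) or /dev/urandom available, a base64(1) that accepts --decode, and either GNU or BSD stat(1); the /dev/urandom fallback is an assumption of this example, not something the page describes.

```shell
#!/bin/sh
# Added example, not Percona's code: create and validate a mongod encryption
# key file according to the procedure above.

# Octal permission bits of a file (e.g. 600) and its numeric owner uid.
# GNU stat is tried first, BSD stat second.
file_mode() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }
file_uid()  { stat -c '%u' "$1" 2>/dev/null || stat -f '%u' "$1"; }

# Write 32 random bytes (a 256-bit AES key), base64-encoded, to $1 and restrict
# the file to its owner. The umask change lives in a subshell so it does not
# leak to the caller, and it guarantees the file is never readable by others,
# not even in the window between creation and chmod.
make_keyfile() {
    keyfile=$1
    (
        umask 077
        if command -v openssl >/dev/null 2>&1; then
            openssl rand -base64 32 > "$keyfile"
        else
            head -c 32 /dev/urandom | base64 > "$keyfile"   # assumed fallback
        fi
    )
    chmod 600 "$keyfile"
}

# True if $1 is readable and decodes from base64 to exactly the 32 bytes this
# page requires. A wrong length means a copy/paste or encoding mistake.
keyfile_is_valid() {
    [ -r "$1" ] || return 1
    n=$(base64 --decode < "$1" 2>/dev/null | wc -c | tr -d ' ')
    [ "$n" -eq 32 ]
}

# True if $1 has permissions matching the rules above. Default checks: the
# file must be owner-only (600 or 400). With relaxPermChecks (pass "yes" as
# $2) a root-owned file may also be group-readable (640 or 440).
keyfile_perms_ok() {
    keyfile=$1
    relax=${2:-no}
    case "$(file_mode "$keyfile")" in
        600|400) return 0 ;;
        640|440) [ "$relax" = yes ] && [ "$(file_uid "$keyfile")" -eq 0 ] ;;
        *)       return 1 ;;
    esac
}
```

A typical run is `make_keyfile /etc/mongodb-keyfile && keyfile_is_valid /etc/mongodb-keyfile && keyfile_perms_ok /etc/mongodb-keyfile`, executed as the user mongod runs as; pass `yes` as the second argument of keyfile_perms_ok only if mongod is started with --relaxPermChecks.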

All these options can be specified in the configuration file:

security:
   enableEncryption: <boolean>
   encryptionCipherMode: <string>
   encryptionKeyFile: <string>
   relaxPermChecks: <boolean>

See also

MongoDB Documentation: How to set options in a configuration file
https://docs.mongodb.com/manual/reference/configuration-options/index.html#configuration-file