MongoDB's Queryable Encryption feature is available (GA) in MongoDB 7.0 and later. To learn more about Queryable Encryption and compare its benefits with Client-Side Field Level Encryption, see Queryable Encryption.
MongoDB encrypts all fields in CSFLE with the AEAD AES-256-CBC encryption algorithm.
If you specify deterministic encryption for a field, your application passes a deterministic initialization vector to AEAD.
If you specify random encryption for a field, your application passes a random initialization vector to AEAD.
Note
Authenticated Encryption
MongoDB CSFLE uses the encrypt-then-MAC approach to perform authenticated encryption. Both Queryable Encryption and CSFLE use the HMAC-SHA-256 algorithm to generate your MAC.