Abstract: Dynamic searchable encryption (DSE) enables dynamic updates (addition/deletion) on an encrypted database maintained by an untrusted server hosted in the cloud. Such updates should reveal as little information as possible to the server. As a result, the advanced security notions of forward and backward privacy have been proposed to categorise the leakage via addition and historical deletion, respectively. However, recent backward-(forward)-private schemes are not efficient enough to support very large databases. In this paper, we resort to a trusted execution environment, i.e., Intel SGX, to ease the above bottleneck. In detail, we propose Magnus, which guarantees Type I\(^{-}\) backward privacy. Our key idea is to leverage a compressed Bloom filter within the Intel SGX enclave to verify the deleted documents associated with the search keyword. This optimisation minimises the communication overhead between SGX and untrusted memory. Then, to reduce the enclave's memory usage, Magnus further relies on a position map-free oblivious data structure maintained by the untrusted server. This improvement avoids the paging effect in the enclave.