Cetus: an efficient symmetric searchable encryption against file-injection attack with SGX

Symmetric searchable encryption (SSE) allows the users to store and query their private data in the encrypted database. Many SSE schemes for different scenarios have been proposed in the past few years, however, most of these schemes still face more or fewer security issues. Using these security leakages, many attacks against the SSE scheme have been proposed, and especially the non-adaptive file injection attack is the most serious. Non-adaptive file injection attack (NAFA) can effectively recover some extremely important private information such as keyword plaintext. As of now, there is no scheme that can effectively defend against such attacks. We first propose the new security attribute called toward privacy to resist non-adaptive file injection attacks. We then present an efficient SSE construction called Cetus to achieve toward privacy. By setting up a buffer and designing the efficient oblivious reading algorithm based on software guard extensions (SGX), we propose the efficient one-time oblivious writing mechanism. Oblivious writing protects the update pattern and allows search operations to be performed directly on the data. The experiment results show that Cetus achieves O ( a w ) search time and O (1) update communication. The practical search time, communication, and computation overheads incurred by Cetus are lower than those of state-of-the-art.