Preserving access pattern privacy in SGX-assisted encrypted search

Shujie Cui, Sana Belguith, Ming Zhang, Muhammad Rizwan Asghar, Giovanni Russello

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

8 Citations (Scopus)


Outsourcing sensitive data and operations to untrusted cloud providers is considered a challenging issue. To perform a search operation, even if both the data and the query are encrypted, attackers still can learn which data locations match the query and what results are returned to the user. This kind of leakage is referred to as data access pattern. Indeed, using access pattern leakage, attackers can easily infer the content of the data and the query. Oblivious RAM (ORAM), Fully Homomorphic Encryption (FHE), and secure Multi- Party Computation (MPC) offer a higher level of security but incur high computation and communication overheads. One promising practical approach to process the outsourced data efficiently and securely is leveraging trusted hardware like Intel SGX. Recently, several SGX- based solutions have been proposed in the literature. However, those solutions suffer from side channel attacks, high overheads of context switching, or limited SGX memory. In this paper, we present an SGX-assisted scheme for performing search over encrypted data. Our solution protects access pattern against side channel attacks while ensuring search efficiency. It can process large databases without requiring any long-term storage on SGX. We have implemented a prototype of the scheme and evaluated its performance using a dataset of 1 million records. The equality query and range query can be completed in 11 and 40 milliseconds, respectively. Comparing with ORAM- based solutions, such as ObliDB, our scheme is more than 10x faster.

Original languageEnglish
Title of host publication2018 27th International Conference on Computer Communication and Networks (ICCCN 2018)
EditorsSheng Zhong, Shambhu Upadhyaya
Place of PublicationPiscataway NJ USA
PublisherIEEE, Institute of Electrical and Electronics Engineers
Number of pages9
ISBN (Electronic)9781538651568
ISBN (Print)9781538651575
Publication statusPublished - 2018
Externally publishedYes
EventInternational Conference on Computer Communications and Networks (ICCCN) 2018 - Hangzhou City, Zhejiang Province, China
Duration: 30 Jul 20182 Aug 2018
Conference number: 27th (Proceedings)

Publication series

NameProceedings - International Conference on Computer Communications and Networks, ICCCN
PublisherInstitute of Electrical and Electronics Engineers, Inc.
ISSN (Electronic)1095-2055


ConferenceInternational Conference on Computer Communications and Networks (ICCCN) 2018
Abbreviated titleICCCN 2018
CityHangzhou City, Zhejiang Province
Internet address

Cite this