CAMiSE: Content Addressable Memory-Integrated Searchable Encryption
Abstract
Searchable symmetric encryption (SSE) is a special class of encryption schemes for computing directly over encrypted data. SSE aims to be significantly more efficient as compared to other solutions, such as fully homomorphic encryption (FHE), while leaking only minimal information to the adversary. SSE is particularly efficient and scalable for Boolean queries over large encrypted relational databases outsourced to third-party cloud service providers. However, practical implementations of SSE often suffer from performance bottlenecks due to randomised memory accesses for reads/writes and computation-intensive cryptographic operations. As a result, a gap exists today between theoretically efficient SSE algorithms and practically efficient SSE systems for real-world databases. In this paper, we address this longstanding open question that has otherwise hindered the widespread deployment of SSE over real cloud computing platforms. We propose CAMiSE -a fully associative memory-integrated framework for designing SSE systems with fast query processing over extremely large databases. We show a novel usage of custom-designed Content Addressable Memory (CAM), together with robust data access policies, to bridge the memory wall in traditional SSE implementations by minimising storage-access latencies due to randomised look-up operations during searches. Coupled with dedicated hardware accelerators for cryptographic operations, CAMiSE achieves extremely fast and scalable query processing over encrypted relational databases. We prototype multiple well-known SSE algorithms and SSE data structures within our proposed CAMiSE framework. Our experiments show that these implementations achieve around 5× to 7× speed-up over traditional software-based implementations while scaling smoothly to extensive real-world databases with millions of records.