Searchable Symmetric Encryption (SEE)

Notice: This section describes a non-default alternative backend for using encrypted search. The current recommended way is to use the default hash-based index search.

A key feature of Confidential Storage is the ability to search through encrypted data. The main challenge is that the higher the security of a system is, the lower its performance and efficiency.

The reasons that the search functionality consumes more performance are obvious: If you want to search through encrypted data, you either have to decrypt the data first to be able to search through it, or you use other methods that also involve additional operations. Regardless of the method, the system must always carry out additional steps that are not required in unencrypted systems.

The SSE concept tries to achieve a suitable balance between security and efficiency.

The following graphic shows the main components of a simple SEE system: