Symmetric searchable encryption (SSE) allows the users to store and query their private data in the encrypted database. Many SSE schemes for different scenarios have been proposed in the past few years, however, most of these schemes still face more or fewer security issues. Using these security leakages, many attacks against the SSE scheme have been proposed, and especially the non-adaptive file injection attack is the most serious. Non-adaptive file injection attack (NAFA) can effectively recover some extremely important private information such as keyword plaintext. As of now, there is no scheme that can effectively defend against such attacks. We first propose the new security attribute called toward privacy to resist non-adaptive file injection attacks. We then present an efficient SSE construction called Cetus to achieve toward privacy. By setting up a buffer and designing the efficient oblivious reading algorithm based on software guard extensions (SGX), we propose the efficient one-time oblivious writing mechanism. Oblivious writing protects the update pattern and allows search operations to be performed directly on the data. The experiment results show that Cetus achieves O(a_w) search time and O(1) update communication. The practical search time, communication, and computation overheads incurred by Cetus are lower than those of state-of-the-art.

对称可搜索加密 (SSE) 允许用户在加密数据库中存储和查询他们的私人数据。过去几年已经提出了许多针对不同场景的SSE方案，然而，这些方案中的大多数仍然或多或少地面临安全问题。利用这些安全漏洞，人们提出了许多针对SSE方案的攻击，其中以非自适应文件注入攻击最为严重。非自适应文件注入攻击（NAFA）可以有效恢复一些极其重要的隐私信息，如关键字明文。到目前为止，还没有任何方案可以有效地防御此类攻击。我们首先提出了称为隐私的新安全属性，以抵抗非自适应文件注入攻击。然后，我们提出了一种名为 Cetus 的高效 SSE 构造来实现隐私。通过设置缓冲区并设计基于软件保护扩展（SGX）的高效不经意读取算法，我们提出了高效的一次性不经意写入机制。Oblivious 写入保护更新模式并允许直接对数据执行搜索操作。实验结果表明，Cetus 达到了O ( a _w ) 搜索时间和O (1) 更新通信。Cetus 产生的实际搜索时间、通信和计算开销低于最先进的。