| abstract |
A method may include exchanging a secret symmetric key (SSK) between a first trusted execution environment (TEE) of a first system, a second TEE of a second system and a third TEE of a third system. The method may also include receiving, by the first system, an encrypted first set of data from the second system. The method may also include decrypting, by the first TEE, the encrypted first set of data using the SSK. The method may also include receiving, by the first system, an encrypted query from the third system. The method may also include decrypting, by the first TEE, the encrypted query using the SSK. The method may also include determining, by the first TEE, a query result to the decrypted query using index sets. The method may also include sending, by the first TEE, the encrypted query result to the third system. |