{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,6]],"date-time":"2026-03-06T22:02:47Z","timestamp":1772834567849,"version":"3.50.1"},"reference-count":72,"publisher":"Association for Computing Machinery (ACM)","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Proc. VLDB Endow."],"published-print":{"date-parts":[[2021,11]]},"abstract":"Protection of personal data has been raised to be among the top requirements of modern systems. At the same time, it is now frequent that the owner of the data and the owner of the computing infrastructure are two entities with limited trust between them (e. g., volunteer computing or the hybrid-cloud). Recently, trusted execution environments (TEEs) became a viable solution to ensure the security of systems in such environments. However, the performance of relational operators in TEEs remains an open problem. We conduct a comprehensive experimental study to identify the main bottlenecks and challenges when executing relational equi-joins in TEEs. For this, we introduce TEEbench, a framework for unified benchmarking of relational operators in TEEs, and use it for conducting our experimental evaluation. In a nutshell, we perform the following experimental analysis for eight core join algorithms: off-the-shelf performance; the performance implications of data sealing and obliviousness; sensitivity and scalability. The results show that all eight join algorithms significantly suffer from different performance bottlenecks in TEEs. They can be up to three orders of magnitude slower in TEEs than on plain CPUs. Our study also indicates that existing join algorithms need a complete, hardware-aware redesign to be efficient in TEEs, and that, in secure query plans, managing TEE features is equally important to join selection.<\/jats:p>","DOI":"10.14778\/3494124.3494146","type":"journal-article","created":{"date-parts":[[2022,2,5]],"date-time":"2022-02-05T00:31:46Z","timestamp":1644021106000},"page":"659-672","source":"Crossref","is-referenced-by-count":12,"title":["What is the price for joining securely?"],"prefix":"10.14778","volume":"15","author":[{"given":"Kajetan","family":"Maliszewski","sequence":"first","affiliation":[{"name":"Technische Universit\u00e4t Berlin (TU Berlin)"}]},{"given":"Jorge-Arnulfo","family":"Quian\u00e9-Ruiz","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Berlin (TU Berlin) and German Research Center for Artificial Intelligence (DFKI)"}]},{"given":"Jonas","family":"Traub","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Berlin (TU Berlin)"}]},{"given":"Volker","family":"Markl","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Berlin (TU Berlin) and German Research Center for Artificial Intelligence (DFKI)"}]}],"member":"320","published-online":{"date-parts":[[2022,2,4]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2006.144"},{"key":"e_1_2_1_2_1","volume-title":"Retrieved","author":"AMD.","year":"2021","unstructured":"AMD. 2021 . AMD Secure Encrypted Virtualization (SEV) . Retrieved May 18, 2021 from https:\/\/developer.amd.com\/sev\/ AMD. 2021. AMD Secure Encrypted Virtualization (SEV). Retrieved May 18, 2021 from https:\/\/developer.amd.com\/sev\/"},{"key":"e_1_2_1_3_1","volume-title":"Proceedings of the 2nd international workshop on hardware and architectural support for security and privacy","volume":"13","author":"Anati Ittai","year":"2013","unstructured":"Ittai Anati , Shay Gueron , Simon Johnson , and Vincent Scarlata . 2013 . Innovative technology for CPU based attestation and sealing . In Proceedings of the 2nd international workshop on hardware and architectural support for security and privacy , Vol. 13 . ACM New York, NY, USA, 7. Ittai Anati, Shay Gueron, Simon Johnson, and Vincent Scarlata. 2013. Innovative technology for CPU based attestation and sealing. In Proceedings of the 2nd international workshop on hardware and architectural support for security and privacy, Vol. 13. ACM New York, NY, USA, 7."},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCGRID.2006.101"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3318464.3386141"},{"key":"e_1_2_1_6_1","volume-title":"Proceedings of the 17th International Conference on Database Theory. 26--37","author":"Arasu Arvind","year":"2013","unstructured":"Arvind Arasu and Raghav Kaushik . 2013 . Oblivious query processing . In Proceedings of the 17th International Conference on Database Theory. 26--37 . Arvind Arasu and Raghav Kaushik. 2013. Oblivious query processing. In Proceedings of the 17th International Conference on Database Theory. 26--37."},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.14778\/2732219.2732227"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2013.6544839"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.14778\/2735496.2735499"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813649"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1989323.1989328"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/645925.671364"},{"key":"e_1_2_1_13_1","volume-title":"One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization. arXiv preprint arXiv:2108.04575","author":"Buhren Robert","year":"2021","unstructured":"Robert Buhren , Hans-Niklas Jacob , Thilo Krachenfels , and Jean-Pierre Seifert . 2021. One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization. arXiv preprint arXiv:2108.04575 ( 2021 ). Robert Buhren, Hans-Niklas Jacob, Thilo Krachenfels, and Jean-Pierre Seifert. 2021. One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization. arXiv preprint arXiv:2108.04575 (2021)."},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354216"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813700"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.14778\/1454159.1454171"},{"key":"e_1_2_1_17_1","first-page":"1","article-title":"Intel SGX Explained","volume":"2016","author":"Costan Victor","year":"2016","unstructured":"Victor Costan and Srinivas Devadas . 2016 . Intel SGX Explained . IACR Cryptol. ePrint Arch. 2016 , 86 (2016), 1 -- 118 . Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. IACR Cryptol. ePrint Arch. 2016, 86 (2016), 1--118.","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"e_1_2_1_18_1","unstructured":"cplusplus. 2021. . Retrieved May 31 2021 from https:\/\/www.cplusplus.com\/reference\/stl\/ cplusplus. 2021. . Retrieved May 31 2021 from https:\/\/www.cplusplus.com\/reference\/stl\/"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/971697.602261"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2588555.2594511"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.14778\/3364324.3364331"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2018.00094"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.14778\/3407790.3407800"},{"key":"e_1_2_1_24_1","volume-title":"Retrieved","year":"2021","unstructured":"Github. 2021 . An Oblivious General-Purpose SQL Database for the Cloud . Retrieved May 18, 2021 from https:\/\/github.com\/SabaEskandarian\/ObliDB Github. 2021. An Oblivious General-Purpose SQL Database for the Cloud. Retrieved May 18, 2021 from https:\/\/github.com\/SabaEskandarian\/ObliDB"},{"key":"e_1_2_1_25_1","volume-title":"Retrieved","year":"2021","unstructured":"Github. 2021 . Intel SGX for Linux . Retrieved Sep 14, 2021 from https:\/\/github.com\/agora-ecosystem\/linux-sgx\/tree\/2.11-exp-multithreading Github. 2021. Intel SGX for Linux. Retrieved Sep 14, 2021 from https:\/\/github.com\/agora-ecosystem\/linux-sgx\/tree\/2.11-exp-multithreading"},{"key":"e_1_2_1_26_1","volume-title":"Retrieved","year":"2021","unstructured":"Github. 2021 . Intel SGX Linux Driver . Retrieved Sep 14, 2021 from https:\/\/github.com\/agora-ecosystem\/linux-sgx-driver\/tree\/ewb-monitoring Github. 2021. Intel SGX Linux Driver. Retrieved Sep 14, 2021 from https:\/\/github.com\/agora-ecosystem\/linux-sgx-driver\/tree\/ewb-monitoring"},{"key":"e_1_2_1_27_1","volume-title":"Retrieved","year":"2021","unstructured":"Github. 2021 . TEE Relational Operator Benchmark Suite . Retrieved Sep 14, 2021 from https:\/\/github.com\/agora-ecosystem\/tee-bench Github. 2021. TEE Relational Operator Benchmark Suite. Retrieved Sep 14, 2021 from https:\/\/github.com\/agora-ecosystem\/tee-bench"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/233551.233553"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/SRDS.2018.00024"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978351"},{"key":"e_1_2_1_31_1","unstructured":"Shay Gueron. 2016. A memory encryption engine suitable for general purpose processors. IACR Cryptol. ePrint Arch. (2016). Shay Gueron. 2016. A memory encryption engine suitable for general purpose processors. IACR Cryptol. ePrint Arch. (2016)."},{"key":"e_1_2_1_32_1","volume-title":"Retrieved","year":"2020","unstructured":"IMDb. 2020 . IMDb Datasets . Retrieved December 18, 2020 from https:\/\/www.imdb.com\/interfaces\/ IMDb. 2020. IMDb Datasets. Retrieved December 18, 2020 from https:\/\/www.imdb.com\/interfaces\/"},{"key":"e_1_2_1_33_1","unstructured":"Intel. 2020. . Retrieved May 31 2021 fromhttps:\/\/download.01.org\/intel-sgx\/sgx-linux\/2.11\/ Intel. 2020. . Retrieved May 31 2021 fromhttps:\/\/download.01.org\/intel-sgx\/sgx-linux\/2.11\/"},{"key":"e_1_2_1_34_1","volume-title":"Retrieved","year":"2020","unstructured":"Intel. 2020 . An Efficient Parallel Three-Way Quicksort Using Intel C++ Compiler And OpenMP 4.5 Library . Retrieved May 18, 2021 from https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/articles\/an-efficient-parallel-three-way-quicksort-using-intel-c-compiler-and-openmp-45-library.html Intel. 2020. An Efficient Parallel Three-Way Quicksort Using Intel C++ Compiler And OpenMP 4.5 Library. Retrieved May 18, 2021 from https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/articles\/an-efficient-parallel-three-way-quicksort-using-intel-c-compiler-and-openmp-45-library.html"},{"key":"e_1_2_1_35_1","volume-title":"Retrieved","year":"2021","unstructured":"Intel. 2021 . Intel Architecture Memory Encryption Technologies . Retrieved May 18, 2021 from https:\/\/software.intel.com\/content\/dam\/develop\/external\/us\/en\/documents-tps\/multi-key-total-memory-encryption-spec.pdf Intel. 2021. Intel Architecture Memory Encryption Technologies. Retrieved May 18, 2021 from https:\/\/software.intel.com\/content\/dam\/develop\/external\/us\/en\/documents-tps\/multi-key-total-memory-encryption-spec.pdf"},{"key":"e_1_2_1_36_1","volume-title":"Retrieved","year":"2021","unstructured":"Intel. 2021 . Intel VTune Profiler . Retrieved May 18, 2021 from https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/tools\/oneapi\/components\/vtune-profiler.html Intel. 2021. Intel VTune Profiler. Retrieved May 18, 2021 from https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/tools\/oneapi\/components\/vtune-profiler.html"},{"key":"e_1_2_1_37_1","first-page":"12","article-title":"Access pattern disclosure on searchable encryption: ramification, attack and mitigation","volume":"20","author":"Islam Mohammad Saiful","year":"2012","unstructured":"Mohammad Saiful Islam , Mehmet Kuzu , and Murat Kantarcioglu . 2012 . Access pattern disclosure on searchable encryption: ramification, attack and mitigation .. In Ndss , Vol. 20. 12 . Mohammad Saiful Islam, Mehmet Kuzu, and Murat Kantarcioglu. 2012. Access pattern disclosure on searchable encryption: ramification, attack and mitigation.. In Ndss, Vol. 20. 12.","journal-title":"Ndss"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978386"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.14778\/2831360.2831362"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00778-016-0441-6"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.14778\/1687553.1687564"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.14778\/3407790.3407814"},{"key":"e_1_2_1_43_1","volume-title":"Memory Data Management and Analysis","author":"Lang Harald","unstructured":"Harald Lang , Viktor Leis , Martina-Cezara Albutiu , Thomas Neumann , and Alfons Kemper . 2013. Massively parallel NUMA-aware hash joins . In In Memory Data Management and Analysis . Springer , 3--14. Harald Lang, Viktor Leis, Martina-Cezara Albutiu, Thomas Neumann, and Alfons Kemper. 2013. Massively parallel NUMA-aware hash joins. In In Memory Data Management and Analysis. Springer, 3--14."},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/TPDS.2014.2318320"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2008.4497553"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2013.11.021"},{"key":"e_1_2_1_47_1","volume-title":"Proceedings of the VLDB PhD Workshop","author":"Maliszewski Kajetan","year":"2020","unstructured":"Kajetan Maliszewski . 2020 . Secure Data Processing at Scale . Proceedings of the VLDB PhD Workshop (2020). Kajetan Maliszewski. 2020. Secure Data Processing at Scale. Proceedings of the VLDB PhD Workshop (2020)."},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00045"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046660.2046682"},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813651"},{"key":"e_1_2_1_51_1","volume-title":"Pegah Nikbakht Bideh, and Joakim Brorsson","author":"Nilsson Alexander","year":"2020","unstructured":"Alexander Nilsson , Pegah Nikbakht Bideh, and Joakim Brorsson . 2020 . A survey of published attacks on intel SGX. arXiv preprint arXiv:2006.13598 (2020). Alexander Nilsson, Pegah Nikbakht Bideh, and Joakim Brorsson. 2020. A survey of published attacks on intel SGX. arXiv preprint arXiv:2006.13598 (2020)."},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3064176.3064219"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.30"},{"key":"e_1_2_1_54_1","unstructured":"PassMark. 2021. . Retrieved Sep 6 2021 from https:\/\/www.cpubenchmark.net\/market_share.html PassMark. 2021. . Retrieved Sep 6 2021 from https:\/\/www.cpubenchmark.net\/market_share.html"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043566"},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978401"},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00025"},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/2882903.2882917"},{"key":"e_1_2_1_59_1","doi-asserted-by":"crossref","unstructured":"Ming-Wei Shih Sangho Lee Taesoo Kim and Marcus Peinado. 2017. T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs.. In NDSS. Ming-Wei Shih Sangho Lee Taesoo Kim and Marcus Peinado. 2017. T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs.. In NDSS.","DOI":"10.14722\/ndss.2017.23193"},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897885"},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/3442632.3448126"},{"key":"e_1_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516660"},{"key":"e_1_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.14778\/3447689.3447705"},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/3296957.3177155"},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/3456859.3456861"},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.5555\/3154690.3154752"},{"key":"e_1_2_1_67_1","volume-title":"Is homomorphic encryption the holy grail for database queries on encrypted data?","author":"Wang Shiyuan","year":"2012","unstructured":"Shiyuan Wang , Divyakant Agrawal , and Amr El Abbadi . 2012. Is homomorphic encryption the holy grail for database queries on encrypted data? ( 2012 ). Shiyuan Wang, Divyakant Agrawal, and Amr El Abbadi. 2012. Is homomorphic encryption the holy grail for database queries on encrypted data? (2012)."},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274808.3274824"},{"key":"e_1_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.45"},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046767"},{"key":"e_1_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1145\/3448016.3452793"},{"key":"e_1_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.5555\/3154630.3154653"}],"container-title":["Proceedings of the VLDB Endowment"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.14778\/3494124.3494146","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,12,28]],"date-time":"2022-12-28T11:31:03Z","timestamp":1672227063000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.14778\/3494124.3494146"}},"subtitle":["benchmarking equi-joins in trusted execution environments"],"short-title":[],"issued":{"date-parts":[[2021,11]]},"references-count":72,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2021,11]]}},"alternative-id":["10.14778\/3494124.3494146"],"URL":"https:\/\/doi.org\/10.14778\/3494124.3494146","relation":{},"ISSN":["2150-8097"],"issn-type":[{"value":"2150-8097","type":"print"}],"subject":[],"published":{"date-parts":[[2021,11]]}}}