This work proposes Gyokuro, a novel private membership testing scheme leveraging trusted execution environments (TEEs) to enable efficient verification of data membership—such as in certificate transparency or supply chain auditing—while preserving query privacy. Departing from conventional approaches where servers generate existence proofs, Gyokuro instead combines compact information provided by the data source with TEE-based attestation to prove that a target item has been included in the server’s database. A monitoring service is introduced to prevent data deletion and ensure integrity. The design achieves communication and computational overheads independent of database size, delivering high scalability and strong privacy guarantees. Evaluated on a single core, Gyokuro attains a throughput of approximately 1,400 queries per second with a latency of 7 milliseconds.

Private Membership Testing (PMT) protocols enable clients to verify whether a certain data item is included in a database without revealing the item to the database operator or other external parties. This paper examines Source-assisted PMT (SPMT), in which clients leverage compact data source-provided information issued when the data item is first submitted to the database. SPMT is relevant in applications such as certificate transparency and supply-chain auditing; yet, designing an approach that is efficient, scalable, and privacy-preserving remains a challenge. This work presents Gyokuro, which takes a different approach to conventional membership testing schemes. Instead of requesting the server to produce a proof attesting that a certain data item exists in the database, we leverage Trusted Execution Environments (TEEs) to produce proofs demonstrating that the server has made enough progress to add the data item to the database. With the help of existing monitoring services, clients can infer that no items have been removed from the database. This allows Gyokuro to provide strong privacy guaranties and achieve high efficiency, as a client's membership testing query does not include any information regarding their interests, and eliminates the need for complex and inefficient protection mechanisms. Additionally, this approach enables membership testing on large-scale databases, since the communication and computation required are independent of the database size. Our evaluations show practical feasibility, achieving 7 ms membership testing latency and throughput of around 1400 requests/sec/core.