[bawolff]

Either (a) the index is encrypted in such a way the db engine cannot make branches based on it, in which vase its useless. Or (b) the db-engine can take branches based on the index, in which case the index can't have been encrypted very good if the db engine can read it.

Remember, in fully homomorphic encryption, the algorithm is the party you are trying to hide data from.

[mikepurvis]

The point would be that the index would serve to route "scrambled search term X" to "scrambled record Y", and the degree to which that scheme could protect the privacy of users would be a function of how much redundancy was inserted into the system at various points, all of which could be tunable on the client side (dummy record entries, dummy index entries, dummy queries, whatever).