Astor actually brought up a good point and I am struggling to find a perfect solution. Although the content on EKS servers is encrypted, we should assume that the people running the servers will be able to obtain keys for certain content, we should also assume that some of them are malicious and could try to censor information. There are distributed PIR schemes that hide the content of the database from the servers, but a client that queries the database still does so by index position. That means if an entity that runs a PIR server also runs a client, and the client knows a certain message is at index 42, the PIR server can then link the secret share at position 42 to the message downloaded by the client. So even Goldbergs PIR will not work to solve this problem. The problem is characterized as follows: Given a server or cluster of servers hosting a database, how can we have it so that: A. Clients can request specific files from the database (via position or keyword) B. The servers hosting the database cannot determine the clients query (ie: servers cannot tell the position requested or keyword searched for) C. The servers hosting the database cannot tell the files returned (ie: they do not know what they send back to the client) D. The servers hosting the database cannot tell the files hosted (ie: they cannot ever see any content that the client eventually obtains, during storage or transfer) E. An entity that owns a client and a server cannot download a known file from the database in order to be able to associate content on the database with the file (ie: the server cannot link data it hosts to content even if it downloads the content partially from itself while acting as a client) A, B and C are solved via at least PIR , Oblivious Transfer and Private Stream Searching schemes (actually Encrypted Keyword Search only solves A and B). D has been integrated into at least some distributed PIR schemes, the one I linked to from Goldberg for example. E I do not know how to solve for, and it leads to a problem: servers can determine where a specific piece of content they host is located on their servers and censor it. I also should start saying PSS instead of EKS, I always confuse the two terms. EKS lets the client obtain encrypted files from a remote server without the remote server knowing the content of the files or the keywords searched for, but it still knows the ciphertexts returned. PSS lets the client obtain encrypted files from a remote server without the remote server knowing the content of the files, the keywords searched for, OR the ciphertexts returned to the client. So it is kind of how PIR lets the client get a file from a database without the server hosting the database knowing the file the client got, and Oblivious Transfer does the same thing and also prevents the client from learning anything else about the database. Cryptography is full of rather subtle distinctions, but I should nip this in the bud as EKS is actually not the correct terminology in this case (although I am the one who introduced the bad terminology, as I said I frequently find that I mistakenly call Private Stream Searching Encrypted Keyword Searching).