Since keywords are chosen from much smaller space than passwords and users usually use well-known keywords (low entropy) for searching documents. Therefore, attackers can capture the trapdoor and have chance to guess keyword.
By definition, a PEKS scheme only allows the server to search the client’s ciphertexts, and there are scenarios two clients may want a server to perform certain forms of search in their joint database. Yang et al.  proposed the concept PKEET (public key encryption supporting equality test). The drawback with their formulation is that any entity can perform the search without any explicit authorization.
In PEKS and most of its variants and searchable encryption in the symmetric-setting as well, the search results are leaked to the server and associate documents matching to search request. This pattern itself leaks some information about the encrypted documents and keywords, although no entity except the client can decrypt anything. Boneh et al.  investigated the concept of public key storage with keyword search, which is an extension of PEKS that allows PIR queries. Compared with PEKS , the extension is substantial because a message sender and the server may need to engage in an interactive protocol for storing the encrypted contents.
For most searchable encryption schemes in the asymmetric-setting (and searchable encryption in the symmetric setting as well), a search request will typically require the server to sequentially scan all the encrypted data items or indexes therefore result in linear complexity. Bellare, Boldyreva and O’Neill  introduced the concept of efficiently full-domain searchable deterministic encryption, which allows any entity to generate searchable contents and generate trapdoors to search in encrypted contents (generated by all entities) with logarithmic complexity. A limitation of this approach is that the ciphertext is deterministic, so that an adversary can test any guessed plaintext by an encryption operation, and this is strictly weaker than the security guarantees provided by any other security model.
...(download the rest of the essay above)