Focused on the low efficiency of verifying data on the cloud servers, to ensure correct execution of user's commands and high-efficient validation, a method supporting homomorphic MAC for arithmetic circuits on cloud environment was provided. Precise search was obtained through the following ways. Firstly, a label generation algorithm was used to represent a validation label with a polynomial. Secondly, a transformation algorithm was used to transform the validation label to satisfy homomorphic form, meanwhile, homomorphic decryption was used reduce the dimensionality of the label. Finally, a verification algorithm was used to verify the search result. Moreover, the scheme carries out infinite multiplicative homomorphism without increasing the size of verification labels, and is efficient. The drawback of the scheme is that the computational complexity increases with the increase of the input bits of enhancement circuit.

In Ciphertext-Policy Attribute-Based Encryption (CP-ABE) schemes, the private key is defined on attributes shared by multiple users. For any private key that can not be traced back to the owner of the original key, the malicious users may sell their decryption privileges to the third parties for economic benefit and will not be discoverable. In addition, most of the existing ABE schemes have a linear increase in decryption cost and ciphertext size with the complexity of access structure. These problems severely limit the applications of CP-ABE. By defining a traceable table to trace the users who intentionally disclosed the key, the cost of the decryption operation was reduced through the outsourcing operation, and a CP-ABE scheme with traceable and fully verifiable outsourced decryption was proposed. The scheme can simultaneously check the correctness for transformed ciphertexts of authorized users and unauthorized users, and supports any monotonous access structure, which traceability will not have any impact on its security. Finally, the proposed scheme is proved to be CPA (Chosen Plaintext Attack)-secure in the standard model.

The malicious cloud server may send incorrect or forged query results to the user, and the authorized user may send the key information privately to a non-authorized user after completing the retrieval. In order to solve the problems, a new verifiable ciphertext retrieval scheme with user revocation was constructed. Firstly, an encryption algorithm was used to encrypt the user documents and sign the keywords. Secondly, a searching algorithm was used to retrieve documents that needed to be retrieved. Finally, a verification algorithm and user revocation algorithm were used to verify the retrieval results and encrypt the unretrieved documents again. The analysis results show that, the proposed scheme can complete the accurate retrieval on the premise of guaranteeing the integrity of data, realize the user revocation through re-encryption scheme, and guarantee the security of system. Moreover, the proposed scheme satisfies the security of Indistinguishability-Chosen Keyword Attack (IND-CKA).

Learning With Errors (LWE)-based fully homomorphic encryption scheme was presented by Gentry, Sahai and Waters (GENTRY C, SALAHAI A, WATERS B. Homomorphic encryption from learning with errors:conceptually-simpler, asymptotically-faster, attribute-based[C]//Proceedings of the 33rd Annual Cryptology Conference. Berlin:Springer, 2013:75-92), namely GSW scheme, can only work under single-attribute settings. Aiming at this problem and introducing the concept of fully system, a fully homomorphic encryption scheme under multi-attribute settings was constructed. In the proposed scheme, whether a user was legitimate was determined through a conditional equation. Then, a new ciphertext matrix that meeting the requirements of GSW13 was constructed by using ciphertext expansion algorithm. Finally fuzzy system technology was used to complete the construction. INDistinguishability-X-Chosen Plain Attack (IND-X-CPA) security was proved under the standard model. The advantage of the proposed scheme lies in that it can be used in multi-attribute environment. The disadvantage is that the computational complexity is increased.

Cloud computing security is the key bottleneck that restricts its development, and access control on the result of cloud computing is a hot spot of current research. Based on the classical homomorphic encryption BGN (Boneh-Goh-Nissim) scheme, and combined with outsourcing the decryption of Ciphertext-Policy Attribute-Based Encryption (CP-ABE) ciphertexts, a BGN type outsourcing the decryption of ABE ciphertexts was constructed. In the scheme, partial decryption of ciphertexts was outsourced to the cloud, and only the users whose attributes meet the access policy could get the correct decryption result, thus reducing the storage and computation overhead of users. Compared with the existing outsourcing schemes of ABE, the proposed scheme can operate on ciphertexts for arbitrary additions and one multiplication. Finally, the security of the scheme was analyzed. The proposed scheme is semantically secure under the subgroup decision assumption, and its attribute security is proved under random oracle model.

The traditional key policy attribute base encryption and decryption scheme has the disadvantages that the ciphertext length increases linearly with the increase of the number of attributes, and consumes a large amount of communication bandwidth of the user in the communication process. The improved scheme of attribute encryption was proposed. Based on the encryption of key policy attributes, a verifiable packet decryption scheme with fixed ciphertext length was proposed. In the non-monotonic access structure, the cipher length was fixed, and the communication bandwidth was effectively saved. Through the improvement of outsourced key generation algorithm, a primary modular exponentiation operation was realized, and the generation time of key generation was effectively shortened.The hash function was used to realize the verification of the decryption and its security was proved.