The existing cloud outsourcing privacy-preserving k-means clustering schemes have the problem of low efficiency and the problem of returning unreasonable clustering results when the cloud server is untrusted or attacked by hackers. Therefore, a cloud outsourcing verifiable privacy-preserving k-means clustering scheme that can be applied to multi-party privacy-preserving scenarios was proposed. Firstly, an improved clustering initialization method suitable for cloud outsourcing scenarios was proposed to effectively improve the iterative efficiency of the algorithm. Secondly, the multiplicative triple technology was used to design the safe Euclidean distance algorithm, and the garbled circuit technology was used to design the algorithm for safe calculation of the minimum value. Finally, a verification algorithm was proposed, making the users only need one round of communication to verify the clustering results. And after the data outsourcing, the algorithm training was performed on the cloud entirely, which was able to effectively reduce the interactions between users and the cloud. Simulation results show that the accuracy of the proposed scheme is 97% and 93% on the datasets Synthetic and S1 respectively, indicating that the privacy-preserving k-means clustering is similar to the plaintext k-means clustering, and is suitable for medical, social sciences and business fields.

To solve the problem that the existing hierarchical searchable encryption scheme cannot effectively resist quantum attack and cannot flexibly add and delete the level, a scheme of Adaptive Hierarchical Searchable Encryption based on learning with errors (AHSE) was proposed. Firstly, the proposed scheme was made to effectively resist the quantum attack by utilizing the multidimensional characteristic of lattices and based on the Learning With Errors (LWE) problem on lattices. Secondly, the condition key was constructed to divide the users into different levels clearly, making the user only able to search the files at his own level, so as to achieve effective level access control. At the same time, a segmented index structure with good adaptability was designed, whose levels could be added and deleted flexibly, meeting the requirements of access control with different granularities. Moreover, all users in this scheme were able to search by only sharing one segmented index table, which effectively improves the search efficiency. Finally, theoretical analysis shows that the update, deletion and level change of users and files in this scheme is simple and easy to operate, which are suitable for dynamic encrypted database, cloud medical system and other dynamic environments.

Concerning the problem that current genetic comparison protocols generally require a trusted third party, which may result in the leakage of a wide range of private data, a genetic comparison scheme based on linear scan was proposed. The gene sequences of two parties were first encoded based on Garbled Circuit (GC), and then the genome database was linearly scanned and the garbled circuit was used to compare gene sequence of user with all gene sequences in database. The above scheme can achieve genetic comparison under the premise of protecting user privacy of both parties. However, the scheme needs to scan whole database with time complexity of O( n), and is inefficient when the genome database is large. In order to improve the efficiency of genetic comparison, a genetic comparison scheme based on Oblivious Random Access Memory (ORAM) was further proposed, in which genetic data was stored at ORAM first, then only the data blocks on target path were picked out to perform genetic comparison by using garbled circuit. This scheme has the number of comparisons sub-linear to the size of database and time complexity of O (log n). The experimental results show that the genetic comparison scheme based on ORAM reduces the number of comparisons from O( n) to O(log n) while realizing privacy protection, significantly decreases the time complexity of comparison operation. It can be used for disease diagnosis, especially in the case with large genome database.

Considering the low computing efficiency of current multiparty Private Set Intersection (PSI) protocol and the leakage of user private information when it is applied in the cloud environment, a cloud outsourcing multiparty PSI protocol based on Bloom Filter (BF) and homomorphic encryption was proposed. Firstly, the NTRU Cryptosystems-based proxy re-encryption algorithm was used in the protocol to convert ciphertexts encrypted with different public keys into ciphertexts encrypted with the same public keys, and a large amount of complicated computing was outsourced to a cloud server. Secondly, Bloom filter, characterized by its low computing complexity, high space utilization rate and great query efficiency, was used to improve the efficiency of information encrypting, decrypting and querying when the protocol was operated. The user only needs a small amount of computing during the operation of the protocol instead of taking interactions and staying online in real time. Theoretical analysis and experimental results show that the proposed protocol has linear computation and communication complexity, it can work out intersection results without leaking user private information, which meets the requirement of practical application.

Focusing on the issues that information acquired by different participants are not equal in the Private Set Intersection (PSI) protocol based on Garbled Bloom Filter (GBF), which can not be effectively applied to the cloud environment, a cloud outsourcing PSI protocol combined the garbled Bloom filter algorithm with the proxy oblivious transfer protocol was proposed. Firstly, by introducing the garbled Bloom filter, the problem of false positive in the traditional standard Bloom filter was solved to achieve efficient storage and large data transmission. Secondly, the complex time-consuming computation could be outsourced to the cloud proxy server by using proxy oblivious transfer protocol, so that the cloud tenants did not need to be online in real-time and only needed a small amount of computation. Finally, in the processing of the cloud outsourcing privacy set intersection, the comparison results could be fairly obtained without the interaction among the cloud tenants. Theoretical analysis and performance comparison show that the communication and computation complexities of the proposed protocol are linear, and the proposed protocol is safe and effective.