[1]Rivest R, Adleman L, Dertouzos M. On data banks and privacy homomorphisms[J]. Foundation of Secure Computation, 1978, 7(6): 160171[2]Gentry C. Fully homomorphic encryption using ideal lattices[C] Proc of the 41st Annual ACM Symp on Theory of Computing. New York: ACM, 2009: 169178[3]van Dijk M, Gentry C, Halevi S.Fully homomorphic encryption over the integers[G] Advances in CryptologyEUROCRYPT. Berlin: Springer, 2010: 118130[4]HowgraveGraham N. Approximate integer common divisors[G] LNCS 2146. Berlin: Springer, 2001: 5166[5]Brakerski Z, Vaikuntanathan V. Efficient fully homomorphic encryption from (standard) LWE[C] Proc of FOCS. Los Alamitos, CA: IEEE Computer Society, 2011: 96106[6]Brakerski Z, Vaikuntanathan V. Fully homomorphic encryption from RingLWE and security for key dependent messages[G] LNCS 6841: Proc of CRYPTO 2011. Berlin: Springer, 2011: 505524[7]Brakerski Z. Fully homomorphic encryption without modulus switching from classical GapSVP[G] LNCS 7417: Proc of CRYPTO 2012. Berlin: Springer, 2012: 868886[8]Brakerski Z, Langlois A, Peikert C, et al. Classical hardness of learning with errors[C] Proc of STOC. New York: ACM, 2013: 575584[9]Regev O, et al. New latticebased cryptographic constructions[C] Proc of STOC. New York: ACM, 2004: 899942[10]Cheon J H, Stehl D. Fully homomophic encryption over the integers revisited[C] Proc of Eurocrypt. Berlin: Springer, 2015: 518538[11]Chen Y, Nguyen P Q. Faster algorithms for approximate common divisors: Breaking fullyhomomorphicencryption challenges over the integers[C] Proc of EUROCRYPT. Berlin: Springer, 2012: 502519