Abstract: Cloud storage has become an important part of the digital economy because it makes data management far more convenient for users. However, complex and diverse network environments and third parties that are not fully trusted pose serious threats to users' privacy. To protect that privacy, data is usually encrypted before storage, but the ciphertext produced by traditional encryption techniques hinders subsequent data retrieval. Public-key encryption with keyword search (PEKS) provides confidential retrieval over encrypted data, but traditional PEKS schemes are vulnerable to keyword guessing attacks because the number of common keywords is small. Public-key authenticated encryption with keyword search (PAEKS) adds authentication to PEKS, which further improves security. However, most existing PAEKS schemes are built on foreign cryptographic algorithms, which does not meet the development needs of independent innovation in cryptography in China. This study proposes an SM9-PAEKS scheme, which effectively improves user-side retrieval efficiency by redesigning the algorithm structure and transferring time-consuming operations to a resource-rich cloud server. The security of the scheme is proved in the random oracle model under the q-BDHI and Gap-q-BCCA1 security assumptions. Finally, theoretical analysis and experimental results show that, compared with the similar scheme that has the optimal communication cost, SM9-PAEKS reduces the total computational overhead by at least 59.34% with only 96 bytes of additional communication cost. The reduction in the computational overhead of keyword trapdoor generation is particularly significant, at about 77.55%. This study not only helps to enrich the applications of national security algorithms but also provides theoretical and technical support for data encryption and retrieval in cloud storage.