Attribute-based encryption with keyword search (ABKS) achieves both fine-grained access control and keyword search. However, in the previous ABKS schemes, the search algorithm requires that each keyword to be identical between the target keyword set and the ciphertext keyword set, otherwise the algorithm does not output any search result, which is not conducive to use. Moreover, the previous ABKS schemes are vulnerable to what we call a peer-decryption attack, that is, the ciphertext may be eavesdropped and decrypted by an adversary who has sufficient authorities but no information about the ciphertext keywords.

In this paper, we provide a new system in fog computing, the ciphertext-policy attribute-based encryption with dynamic keyword search (ABDKS). In ABDKS, the search algorithm requires only one keyword to be identical between the two keyword sets and outputs the corresponding correlation which reflects the number of the same keywords in those two sets. In addition, our ABDKS is resistant to peer-decryption attack, since the decryption requires not only sufficient authority but also at least one keyword of the ciphertext. Beyond that, the ABDKS shifts most computational overheads from resource constrained users to fog nodes. The security analysis shows that the ABDKS can resist Chosen-Plaintext Attack (CPA) and Chosen-Keyword Attack (CKA).

通过关键字搜索进行基于属性的加密（ABKS），可以实现细粒度的访问控制和关键字搜索。但是，在以前的ABKS方案中，搜索算法要求目标关键字集和密文关键字集之间的每个关键字都相同，否则该算法不会输出任何搜索结果，这不利于使用。而且，以前的ABKS方案容易受到所谓的对等解密攻击，即，密文可能会被具有足够权限但没有有关密文关键字信息的对手窃听和解密。

在本文中，我们提供了一个新的雾计算系统，即基于密文策略的基于属性的具有动态关键字搜索的加密（ABDKS）。在ABDKS中，搜索算法只需要一个关键词在两个关键词集之间是相同的，并输出相应的相关性即可反映这两个关键词集中相同关键词的数量。此外，我们的ABDKS可以抵抗对等解密攻击，因为解密不仅需要足够的权限，而且还需要至少一个密文关键字。除此之外，ABDKS将大多数计算开销从资源受限的用户转移到了雾节点。安全分析表明，ABDKS可以抵抗选择纯文本攻击（CPA）和选择关键字攻击（CKA）。