Abstract: In traditional attribute-based encryption schemes, users may share the private key to multiple users with the same attribute without fear of being blamed. In addition, the information contained in the access policy may disclose the user's privacy. To solve these problems, this paper proposes a traceable hierarchical attribute-based encryption scheme with hidden access policy. The scheme is constructed based on the access tree under the combined order bilinear group, and has flexible expression ability. The random elements of the combined order subgroup are inserted into the access policy to realize the policy concealment. The user ID is added into the private key operation to realize the traceability of the illegal users. The hierarchical authorization system is used to reduce the computational load of single authority authorization, and improve the security and efficiency. The experimental results and efficiency comparison show that this scheme has advantages in the computational time cost of encryption and decryption, and supports the hiding of access policies and the traceability of users who violate the rules, thus greatly improving the security of this scheme.

Key words: attribute-based encryption, hidden policy, traceability, hierarchical authority