CN114239058A - Electronic bill management method and system based on state cryptographic algorithm fine-grained privacy protection - Google Patents
Electronic bill management method and system based on state cryptographic algorithm fine-grained privacy protection Download PDFInfo
- Publication number
- CN114239058A CN114239058A CN202111476827.6A CN202111476827A CN114239058A CN 114239058 A CN114239058 A CN 114239058A CN 202111476827 A CN202111476827 A CN 202111476827A CN 114239058 A CN114239058 A CN 114239058A
- Authority
- CN
- China
- Prior art keywords
- ticket
- electronic
- bill
- mask
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Landscapes
- Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides an electronic bill management method and system based on state cryptographic algorithm fine-grained privacy protection, wherein the system comprises: the ticket issuing terminal, the ticket holding terminal, the ticket checking terminal and the server; the ticket issuing end is used for generating an electronic ticket and uploading the electronic ticket to the server; the ticket holding end is the holding end of the electronic ticket; the ticket checking terminal is used for verifying the electronic bills and the transactions; the server is used for storing the electronic bills uploaded by the bill drawing end and allowing the bill drawing end, the bill holding end and the bill checking end to read the electronic bills; the electronic bill is an electronic record of the transaction, and the content of the electronic record comprises public information, a half mask and a mask; the participants such as the ticket issuing end, the ticket holding end, the ticket checking end, the server and the like respectively play their roles, so that the isolation of the functions of generation, verification, storage and the like in the electronic bill circulation process is realized, and convenience is provided for respective upgrading expansion and integral operation and maintenance management.
Description
Technical Field
The invention relates to the field of information security, in particular to an electronic bill management method and system based on state cryptographic algorithm fine-grained privacy protection.
Background
With the continuous development of information technology, the degree of informatization is higher and higher. Electronic tickets are gradually replacing traditional paper tickets. As a record of the transaction, the electronic ticket is usually stored centrally for easy management, while the server is usually honest and curious, and the stored electronic ticket may be analyzed to snoop privacy; if the server is attacked from outside, the electronic bill stored centrally on the server is also at risk of being leaked and utilized. To this end, patent application No.: 201710071362.3 discloses that participants such as a ticketing end, a ticket holding end, a ticket checking end, a server and the like adopt a one-way function to process sensitive information specified by a user in an original ticket, so that the sensitive information in commercial transaction is only known by the ticketing end, the ticket holding end and the ticket checking end; the sensitive information depends on the requirements of both parties of the transaction, and one or more pieces of sensitive information related to the transaction can be protected; the mask in the electronic bill is obtained by performing one-way function calculation on the sensitive information and the auxiliary code, so that an attacker who does not know the auxiliary code cannot find the sensitive information related to the original transaction by trying to exhaust the sensitive information, and the mask is determined by the auxiliary code and the sensitive information in the original bill together and uniquely; each participant plays its own role, so that the isolation of functions such as generation, verification, storage and the like in the electronic bill circulation process is realized, and convenience is provided for respective upgrading expansion and integral operation and maintenance management.
The technical solution described in patent application No. 201710071362.3 has the following disadvantages: when the ticket checking end checks the ticket, no matter the ticket checking end only verifies the legality of the ticket or verifies the legality and needs the content of the sensitive information, the ticket holding end needs to submit the sensitive information and the auxiliary code in the original ticket to the ticket checking end, so that all the privacy information is leaked to all the verifiers, and the user lacks the management and control of the privacy information; secondly, the method is realized by using an international algorithm in the patent application No. 201710071362.3, and the method does not meet the requirements of using a commercial cipher protection to protect information of non-national cipher secrets in a cipher law of China and using an algorithm authenticated by a national cipher administration in cipher evaluation.
Disclosure of Invention
The invention aims to provide an electronic bill management method and system based on country density algorithm fine-grained privacy protection aiming at the defects of the prior art.
In order to meet the requirements, the technical scheme adopted by the invention is as follows: the electronic bill management method and the electronic bill management system based on the country cipher algorithm fine-grained privacy protection are provided.
The system comprises: the ticket issuing terminal, the ticket holding terminal, the ticket checking terminal and the server; the ticket issuing end is used for generating an electronic ticket and uploading the electronic ticket to the server; the ticket holding end is an electronic ticket holding end; the ticket checking terminal is used for verifying the electronic bills and the transactions; the server is used for storing the electronic bills uploaded by the bill drawing end and allowing the bill drawing end, the bill holding end and the bill checking end to read the electronic bills; the electronic bill is an electronic record of the transaction, and the content of the electronic record comprises public information, a half mask and a mask; the public information is a part without sensitive information in the transaction, namely information which does not need to be protected, and special processing is not carried out when the bill is generated; each of the electronic tickets has a public unique identifier for retrieving the electronic ticket; the half mask is a digital abstract value obtained by calculating a one-way function of sensitive information to be protected in the transaction information through the one-way function and a digital abstract value obtained by calculating the one-way function of the auxiliary code; the mask is a digital abstract value of the half mask after the one-way function technology.
The method comprises the steps of electronic bill generation and electronic bill verification.
Preferably, the steps of generating the electronic bill are as follows:
s11: the ticket issuing end selects non-repeated auxiliary codes for the electronic tickets and locally stores the auxiliary codes;
s12: the ticket issuing end substitutes the sensitive information and the auxiliary code in the original ticket into a one-way function to calculate a half mask, then the half mask is substituted into the one-way function to obtain a mask, the mask and the public information are used for constructing the electronic ticket, and the electronic ticket is uploaded to a server, wherein the mask is determined by the auxiliary code and the sensitive information in the original ticket together and uniquely;
s13: the ticket issuing end informs the ticket holding end of the auxiliary code corresponding to the electronic ticket in an off-line mode, and the ticket holding end verifies the electronic ticket stored in the server by the ticket issuing end according to the auxiliary code.
Preferably, the steps of verifying the electronic bill are as follows:
s21: the ticket checking end acquires the electronic ticket to be checked on line from the server according to the unique identifier of the electronic ticket, and simultaneously acquires the sensitive information and the auxiliary code corresponding to the electronic ticket from the ticket holding end in an off-line mode;
s22: substituting the obtained sensitive information and the auxiliary code into a one-way function for calculation by the ticket checking terminal to obtain a calculation result;
s23: and the ticket checking terminal compares the calculation result with the mask in the electronic bill, if the calculation result is the same as the mask in the electronic bill, the verification is passed, and otherwise, the verification is not passed.
The electronic bill management method and system based on the state cryptographic algorithm fine-grained privacy protection have the advantages that:
the method adopts the one-way function of the state secret to carry out twice processing on the sensitive information appointed by the user in the original bill, further realizes fine-grained privacy protection, can ensure that the sensitive information in commercial transaction is only known by the bill drawing end, the bill holding end and part of the bill checking ends, and has the function of controlling the privacy information of the user for the privacy information leaked to the bill checking person; the method obtains the half mask code in the electronic bill by performing one-way function calculation on the sensitive information and the auxiliary code, ensures that an attacker who does not know the auxiliary code cannot find the sensitive information related to the original transaction by trying to exhaust the mask code, and ensures that the mask code is determined uniquely by the sensitive information and the auxiliary code, and if the sensitive information is different, the mask code is different, thereby ensuring that the ticket holding end cannot pinch the sensitive information related to the transaction content to the ticket checking end; the participants such as the ticket issuing end, the ticket holding end, the ticket checking end, the server and the like respectively play their roles, so that the isolation of the functions of generation, verification, storage and the like in the electronic bill circulation process is realized, and convenience is provided for respective upgrading expansion and integral operation and maintenance management.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
fig. 1 schematically shows a frame schematic diagram of an electronic bill management system based on country cryptographic algorithm fine-grained privacy protection according to an embodiment of the present application.
Fig. 2 schematically shows a flowchart of an electronic ticket verification process in an electronic ticket management method based on the country encryption algorithm fine-grained privacy protection according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be described in further detail with reference to the accompanying drawings and specific embodiments.
In the following description, references to "one embodiment," "an embodiment," "one example," "an example," etc., indicate that the embodiment or example so described may include a particular feature, structure, characteristic, property, element, or limitation, but every embodiment or example does not necessarily include the particular feature, structure, characteristic, property, element, or limitation. Moreover, repeated use of the phrase "in accordance with an embodiment of the present application" although it may possibly refer to the same embodiment, does not necessarily refer to the same embodiment.
Certain features that are well known to those skilled in the art have been omitted from the following description for the sake of simplicity.
According to one embodiment of the application, the electronic bill management method and system based on the national cryptographic algorithm fine-grained privacy protection are provided, and the system comprises a bill drawing end, a bill holding end, a bill checking end and a server; the ticket issuing end is a producer of the electronic ticket, is a transaction seller and has the main function of generating the electronic ticket and uploading the electronic ticket to the server; the ticket holder is the holder of the electronic ticket and is the transaction buyer; the ticket checking end is a verifier of the electronic ticket and a transaction verifier; the server is responsible for storing the electronic bills uploaded by the bill drawing end and allowing the bill drawing end, the bill holding end and the bill checking end to read the electronic bills; the electronic bill is an electronic record of the transaction, and the content of the electronic bill is divided into two parts, namely public information, half mask code and mask code, wherein the public information refers to the part without sensitive information in the transaction, namely information which does not need protection, and special processing is not carried out when the bill is generated; each electronic ticket has a public unique identifier for retrieving the electronic ticket; the half mask is a digital abstract value of sensitive information needing to be protected in the transaction information after being subjected to one-way function calculation and a digital abstract value obtained by the one-way function calculation of the auxiliary code; the mask is a digital abstract value of the half mask after the one-way function technology, which is equivalent to loading sensitive information into the electronic bill in a mask mode; the sensitive information and the auxiliary code can be calculated to obtain a half mask, and then the mask is calculated, and only the half mask can be calculated to obtain the mask.
According to one embodiment of the application, the electronic bill management method based on the country cryptographic algorithm fine-grained privacy protection comprises the steps of generating and verifying electronic bills, and specifically comprises the following steps:
the electronic bill is generated by the following process:
s11: the ticket issuing end selects an auxiliary code for the electronic ticket and locally stores the auxiliary code; the auxiliary codes are not reused, namely different auxiliary codes are selected for different electronic bills;
s12: the method comprises the steps that a ticket issuing end substitutes sensitive information and auxiliary codes in an original ticket into a one-way function respectively to calculate a half mask, the half mask is substituted into the one-way function to obtain a mask, the mask and public information are used for constructing the electronic ticket, the electronic ticket is uploaded to a server, and the mask is determined by the auxiliary codes and the sensitive information in the original ticket together and uniquely;
s13: the ticket issuing end informs the ticket holding end of the auxiliary code corresponding to the electronic ticket in an off-line mode, and the ticket holding end verifies the electronic ticket stored in the server by the ticket issuing end according to the auxiliary code;
the process of electronic bill validation is as follows:
s21: the ticket checking end acquires the electronic ticket to be checked on line from the server according to the unique identifier of the electronic ticket, and simultaneously acquires the sensitive information and the auxiliary code corresponding to the electronic ticket from the ticket holding end in an off-line mode;
s22: substituting the obtained sensitive information and the auxiliary code into a one-way function for calculation by the ticket checking terminal to obtain a calculation result;
s23: and the ticket checking terminal compares the calculation result with the mask in the electronic bill, if the calculation result is the same as the mask in the electronic bill, the verification is passed, and otherwise, the verification is not passed.
The first embodiment is as follows:
the system design method of the invention is explained by taking an electronic invoice management system based on one-way hash function fine-grained privacy protection as an example. Assuming that a certain employee U1 (ticket holder) of a certain unit completes a purchase from a distributor A (ticket outlet), A issues an electronic invoice e to U1, and U1 needs to find a financial department V (ticket checker) of the unit for reimbursement. The symmetric encryption algorithm E is designated as the cryptographic block cipher SM4 algorithm and has the length of 128 bits. The cryptographic one-way hash function h is designated as the SM3 algorithm. The concrete implementation steps are as follows:
electronic invoice generation process
1) The dealer a calculates the auxiliary code a ═ e (i) of the electronic invoice e according to the unique identifier i of the electronic invoice e that the user U1 needs to generate, i being typically a combination of the invoice code and the invoice number for the electronic invoice.
2) After negotiating according to the requirements of both parties, the distributor a and the user U1 use the payment date and the name of the payment unit as the sensitive information s, and substitute the auxiliary code a and the sensitive information s into the one-way hash function h to calculate the half mask of the electronic invoice e, where ha ═ h (a), hs ═ h(s), and substitute both the half mask ha and hs into the one-way hash function h to calculate the mask x ═ h (ha | | | hs), where | | | represents the cascade of binary bit strings. A, constructing an electronic invoice e by using a mask x and public information e', uploading the electronic invoice e to a public cloud or a block chain for storage after necessary operations (such as electronic signature), wherein the public information refers to information except sensitive information in an original invoice.
3) A delivers a to a ticket holder U1; the U1 can verify the electronic invoice e stored in the server accordingly. .
Secondly, the electronic invoice validation process, as shown in fig. 2:
1) and the ticket checking end V acquires e from the public cloud or the block chain online according to the unique identifier i of the electronic invoice e and performs necessary (such as integrity) verification. If the verifier only verifies the validity of the electronic bill, the U1 verifies the half mask ha 'of the auxiliary code and the half mask hs' of the sensitive information to the V in a physical or oral mode; otherwise, the ticket holder U1 gives the sensitive information s 'and the auxiliary code a' to V by physical or oral means.
2) If V only verifies the legality, substituting the half mask ha ' and the sensitive information hs ' of the auxiliary code into a one-way hash function h to calculate a mask x ' ═ h (ha ' | hs '); otherwise, the auxiliary code a ' and the sensitive information s ' are respectively substituted into the one-way hash function h to calculate half-mask hs ' ═ h (s '), ha ' ═ h (a '), and the half-mask is further substituted into the one-way hash function h in a cascading manner to obtain mask x ' ═ h (ha ' | hs ').
3) V compares x 'with the mask x in e, if the x' is the same, the verification is passed, otherwise, the verification is not passed.
The above-mentioned embodiments only show some embodiments of the present invention, and the description thereof is more specific and detailed, but should not be construed as limiting the scope of the present invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present invention should be subject to the claims.
Claims (7)
1. An electronic bill management system based on state cryptographic algorithm fine-grained privacy protection is characterized by comprising:
the ticket issuing terminal, the ticket holding terminal, the ticket checking terminal and the server;
the ticket issuing end is used for generating an electronic ticket and uploading the electronic ticket to the server;
the ticket holding end is an electronic ticket holding end;
the ticket checking terminal is used for verifying the electronic bills and the transactions;
the server is used for storing the electronic bills uploaded by the bill drawing end and allowing the bill drawing end, the bill holding end and the bill checking end to read the electronic bills;
the electronic bill is an electronic record of the transaction, and the content of the electronic record comprises public information, a half mask and a mask;
the public information is a part without sensitive information in the transaction, namely information which does not need to be protected, and special processing is not carried out when the bill is generated; each of the electronic tickets has a public unique identifier for retrieving the electronic ticket; the half mask is a digital abstract value obtained by calculating a one-way function of sensitive information to be protected in the transaction information through the one-way function and a digital abstract value obtained by calculating the one-way function of the auxiliary code; the mask is a digital abstract value of the half mask after the one-way function technology.
2. An electronic bill management method based on state cryptographic algorithm fine-grained privacy protection is characterized by comprising an electronic bill generation step and an electronic bill verification step.
3. The electronic bill management method and system based on the country encryption algorithm fine-grained privacy protection according to claim 2 are characterized in that: the steps of the electronic bill generation are as follows:
s11: the ticket issuing end selects non-repeated auxiliary codes for the electronic tickets and locally stores the auxiliary codes;
s12: the ticket issuing end substitutes the sensitive information and the auxiliary code in the original ticket into a one-way function to calculate a half mask, then the half mask is substituted into the one-way function to obtain a mask, the mask and the public information are used for constructing the electronic ticket, and the electronic ticket is uploaded to a server, wherein the mask is determined by the auxiliary code and the sensitive information in the original ticket together and uniquely;
s13: the ticket issuing end informs the ticket holding end of the auxiliary code corresponding to the electronic ticket in an off-line mode, and the ticket holding end verifies the electronic ticket stored in the server by the ticket issuing end according to the auxiliary code.
4. The electronic bill management method and system based on the country encryption algorithm fine-grained privacy protection according to claim 2, characterized in that the steps of the electronic bill validation are as follows:
s21: the ticket checking end acquires the electronic ticket to be checked on line from the server according to the unique identifier of the electronic ticket, and simultaneously acquires the sensitive information and the auxiliary code corresponding to the electronic ticket from the ticket holding end in an off-line mode;
s22: substituting the obtained sensitive information and the auxiliary code into a one-way function for calculation by the ticket checking terminal to obtain a calculation result;
s23: and the ticket checking terminal compares the calculation result with the mask in the electronic bill, if the calculation result is the same as the mask in the electronic bill, the verification is passed, and otherwise, the verification is not passed.
5. The electronic bill management method and system based on the country encryption algorithm fine-grained privacy protection according to claim 3 are characterized in that: the auxiliary code is a random or pseudo-random number of at least 112 bits in length.
6. The method and system for managing electronic tickets with fine-grained privacy protection based on the cryptographic algorithm of China according to claim 3, wherein the offline mode in step S13 is a communication mode in which messages are not known by the ticket storage server or other unrelated parties.
7. The electronic bill management method and system based on fine-grained privacy protection of the cryptographic algorithm of China according to claim 1, characterized in that the step S13 is implemented to verify that the electronic bill is the ticket holder itself and calculate the output value of the one-way function according to the sensitive information and the auxiliary code in the original bill, and check whether the output value is consistent with the mask code in the electronic bill.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111476827.6A CN114239058A (en) | 2021-12-06 | 2021-12-06 | Electronic bill management method and system based on state cryptographic algorithm fine-grained privacy protection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111476827.6A CN114239058A (en) | 2021-12-06 | 2021-12-06 | Electronic bill management method and system based on state cryptographic algorithm fine-grained privacy protection |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114239058A true CN114239058A (en) | 2022-03-25 |
Family
ID=80753294
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111476827.6A Pending CN114239058A (en) | 2021-12-06 | 2021-12-06 | Electronic bill management method and system based on state cryptographic algorithm fine-grained privacy protection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114239058A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117436811A (en) * | 2023-11-01 | 2024-01-23 | 成都安美勤信息技术股份有限公司 | Electronic bill management method and system based on privacy protection |
-
2021
- 2021-12-06 CN CN202111476827.6A patent/CN114239058A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117436811A (en) * | 2023-11-01 | 2024-01-23 | 成都安美勤信息技术股份有限公司 | Electronic bill management method and system based on privacy protection |
| CN117436811B (en) * | 2023-11-01 | 2024-05-07 | 成都安美勤信息技术股份有限公司 | Electronic bill management method and system based on privacy protection |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20240005304A1 (en) | Computer-implemented methods and systems for validating tokens for blockchain-based cryptocurrencies | |
| CN108833081B (en) | Block chain-based equipment networking authentication method | |
| KR102248154B1 (en) | Systems and methods for information protection | |
| CN110730963B (en) | System and method for information protection | |
| JP5721086B2 (en) | Management method of electronic money | |
| CN108665359B (en) | Block chain processing method, accounting node and verification node | |
| CN110582775A (en) | Method for managing file based on block chain by using UTXO basic protocol and file management server using the same | |
| CN112288434B (en) | Privacy transaction method, device, zero knowledge proof system and privacy transaction architecture model | |
| CN111160909B (en) | Hidden static supervision system and method for blockchain supply chain transaction | |
| CN106845275B (en) | A kind of the electronic bill management system and method for secret protection | |
| US20160132871A1 (en) | Secure redemption code generation for gift cards and promotions | |
| US20230103038A1 (en) | Method for directly transferring electronic coin data sets between terminals, payment system, currency system and monitoring unit | |
| KR101253683B1 (en) | Digital Signing System and Method Using Chained Hash | |
| CN111461881A (en) | Data management method and device, computer equipment and storage medium | |
| CN116057554A (en) | Method for managing transaction data sets, participant unit, transaction register and payment system | |
| CN101046899B (en) | Electronic ticket system and method based on public key basic infrastructure | |
| CN110634072B (en) | Block chain transaction system based on multi-signature and hardware encryption | |
| CN114239058A (en) | Electronic bill management method and system based on state cryptographic algorithm fine-grained privacy protection | |
| CN110992034A (en) | Supply chain transaction privacy protection system and method based on block chain and related equipment | |
| CN113744036A (en) | Quantum check transaction method based on block chain digital signature | |
| CN115619396A (en) | Data certificate processing method and device, block link node and storage medium | |
| CN112766940B (en) | Electronic check transaction method and system based on blockchain | |
| CN113094748B (en) | Realization method of authenticatable anonymous E-commerce evaluation mechanism based on blockchain | |
| CN112163917B (en) | Bill processing method and device based on blockchain, medium and electronic equipment | |
| CN110474763B (en) | Chain-based identity protection method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |