CN117726385A

CN117726385A - Encryption algorithm-based electronic ticket issuing method, system, equipment and medium

Info

Publication number: CN117726385A
Application number: CN202410172416.5A
Authority: CN
Inventors: 陈玉刚; 杨家兴; 武凤鑫
Original assignee: Zhongke Xunlian Intelligent Network Technology Beijing Co ltd
Current assignee: Zhongke Xunlian Intelligent Network Technology Beijing Co ltd
Priority date: 2024-02-07
Filing date: 2024-02-07
Publication date: 2024-03-19

Abstract

The invention provides an electronic ticket issuing method, a system, equipment and a medium based on an encryption algorithm, which comprise the following steps: the public key is used for encrypting the data plaintext provided by the invoice receiver, and only the invoice issuer or the invoice receiver can decrypt the data plaintext provided by the invoice receiver by using the private key of the invoice issuer or the invoice receiver, so that detailed information in the data plaintext provided by the invoice receiver can be prevented from being collected by irrelevant personnel; after the electronic invoice is issued, the public key is used for encrypting the electronic invoice, and only the invoice issuing party or the invoice receiving party can decrypt the electronic invoice by using the private key of the invoice issuing party or the invoice receiving party, so that detailed information in the electronic invoice can be prevented from being collected by irrelevant personnel. Therefore, the invention can avoid the detailed information in the process of issuing the electronic invoice from being collected by irrelevant personnel, and can not leak business secrets such as business circulation processes and the like of the business at the upstream and the downstream in the process of issuing the invoice, thereby enhancing the protection intensity of the invoice information and improving the data information safety of the business.

Description

Encryption algorithm-based electronic ticket issuing method, system, equipment and medium

Technical Field

The present invention relates to the field of data storage technologies, and in particular, to an electronic ticket issuing method, system, device, and medium based on an encryption algorithm.

Background

With the development of computer technology, most enterprises now choose to issue electronic invoices instead of paper invoices when doing business transactions. The electronic invoice is made by using professional software or network platforms, such as tax office websites, financial software and the like, then inputting detailed information of goods or services, such as names, quantity, unit price and the like, and information of sellers, such as company names, tax numbers, contact ways and the like, on the software or network platforms, and finally making the electronic invoice. After the electronic invoice is issued, the electronic invoice is generally stored on a server, and when the buyer has corresponding invoice requirements, the server can send the corresponding electronic invoice to the buyer in various modes.

At present, the server sends the electronic invoice to the purchaser, usually in a plaintext form, so that detailed information on the invoice is easily collected by irrelevant personnel, business secrets such as transaction business circulation processes at the upstream and downstream of an enterprise are revealed, normal operation of the enterprise is affected, and meanwhile, the certificate information is also caused to have a risk of being revealed.

Disclosure of Invention

In view of the above-mentioned drawbacks of the prior art, the present invention aims to provide an electronic ticket issuing method, system, device and medium based on an encryption algorithm, which are used for solving the technical problems existing in the prior art.

To achieve the above and other related objects, the present invention provides an electronic ticket issuing method based on an encryption algorithm, including the steps of:

generating a public key for data encryption through an encryption algorithm based on certificate information of an invoice issuer and certificate information of an invoice receiver;

encrypting a data plaintext provided by the invoice receiver by using the public key to obtain a data ciphertext;

transmitting the data ciphertext to the invoice issuer according to a communication link established in advance or in real time between the invoice issuer and the invoice receiver;

receiving and responding to an invoice issuing request generated by the invoice issuing party on electronic invoice issuing software, authenticating authority of the invoice issuing party, and providing an invoice issuing page for the invoice issuing party after the invoice issuing party passes the authority authentication; after the confirmation instruction on the invoice issuing page is triggered, generating an electronic invoice based on invoice data filled in the invoice issuing page; the method comprises the steps of,

Encrypting the electronic invoice by using the public key, storing the encrypted electronic invoice into a server determined in advance or in real time, and generating corresponding invoice address information;

transmitting the invoice address information to the invoice receiver according to a communication link established in advance or in real time between the invoice issuer and the invoice receiver, so that the invoice receiver accesses the server through the invoice address information, and downloads the encrypted electronic invoice; or transmitting the invoice address information to the invoice issuer so that the invoice issuer accesses the server through the invoice address information and downloads the encrypted electronic invoice.

In an embodiment of the present invention, after providing the invoice issuing page to the invoice issuing party, the method further includes:

comparing all the areas to be filled in the invoice issuing page at the current moment with all the areas to be filled in the invoice issuing page at the previous moment, and determining whether filling data exist in all the areas to be filled in the invoice issuing page;

if all the areas to be filled in the invoice issuing page have no filling data or the current moment is the initial moment, comparing the areas to be filled in the next moment;

If at least one area to be filled in the invoice issuing page has filling data, associating the invoice issuing page with the filling data on the invoice issuing page at the current moment to generate invoice data to be confirmed; the method comprises the steps of,

performing character recognition on the data plaintext through a character recognition model to obtain a first character segment; performing character recognition on the invoice data to be confirmed through a character recognition model to obtain a second character segment;

calculating the similarity of the first character segment and the second character segment, and comparing the calculated similarity with a first preset similarity;

if the calculated similarity is smaller than the first preset similarity, hiding a confirmation instruction on the invoice issuing page;

and if the calculated similarity is greater than or equal to the first preset similarity, displaying a confirmation instruction on the invoice issuing page.

In an embodiment of the present invention, when generating the public key for encrypting data by an encryption algorithm, the method further includes:

generating a first private key and a second private key through an encryption algorithm based on certificate information of an invoice issuer and certificate information of an invoice receiver;

Storing the first private key to a local terminal of the invoice issuer so that the invoice issuer can decrypt the data encrypted by the public key by using the first private key;

and storing the second private key to a local terminal of the invoice receiver so that the invoice receiver can decrypt the data encrypted by the public key by using the second private key.

In an embodiment of the present invention, after transmitting the data ciphertext to the invoice issuer, the method further includes: decrypting the data ciphertext by using the first private key to obtain a data plaintext provided by the invoice receiver so that the invoice issuer fills data in a region to be filled of an invoice issuing page;

and after the invoice issuer accesses the server through the invoice address information and downloads the encrypted electronic invoice, further comprising: decrypting the encrypted electronic invoice by using the first private key to obtain an electronic invoice generated by the electronic invoice issuing software;

and after the invoice receiver accesses the server through the invoice address information and downloads the encrypted electronic invoice, the method further comprises the following steps: and decrypting the encrypted electronic invoice by using the second private key to obtain the electronic invoice generated by the electronic invoice issuing software.

In one embodiment of the present invention, the authority authentication process for the invoice issuer includes:

providing an authority authentication page of the electronic invoice issuing software for the invoice issuing party; the authority authentication page is used for inputting identity information by the invoice issuer, and the identity information comprises: account information, password information, temporary session feature code information, and biometric information;

receiving identity information input by the invoice issuer through the authority authentication page, and taking the identity information input by the invoice issuer as the authority authentication information of the invoice issuer;

performing a first authentication on the invoice issuer based on the account information and the password information; after the invoice issuer passes the first authentication, performing a second authentication on the invoice issuer based on the temporary session feature code information; after the invoice issuer passes the second authentication, performing a third authentication on the invoice issuer based on the biological identification information;

if the invoice issuer passes the third authentication, marking that the invoice issuer passes the authority authentication;

If the invoice issuer fails the first authentication, the second authentication or the third authentication, the invoice issuer is marked as not passing the authority authentication.

In one embodiment of the invention, the invoice issuer is authenticated for the first time based on the account information and the password information; after the invoice issuer passes the first authentication, performing a second authentication on the invoice issuer based on the temporary session feature code information; and after the invoice issuer passes the second authentication, performing a third authentication on the invoice issuer based on the biometric information, wherein the third authentication comprises the following steps:

providing a first authority authentication page of the electronic invoice issuing software for the invoice issuing party;

comparing the account information input by the invoice issuer on the first authority authentication page with the account information stored in the database, and comparing the password information input by the invoice issuer on the first authority authentication page with the password information stored in the database;

if account information and password information input by the invoice issuer on the first authority authentication page exist in the database, marking that the invoice issuer passes first identity authentication, issuing temporary session feature code information to the invoice issuer, and providing a second authority authentication page of the electronic invoice issuer; otherwise, if the account information or the password information input by the invoice issuer on the first authority authentication page does not exist in the database, marking that the invoice issuer does not pass the authority authentication, stopping the subsequent authority authentication flow, and providing the first authority authentication page of the electronic invoice issuing software for the invoice issuer again;

If the invoice issuer passes the first authentication, taking the temporary session feature code information issued by the electronic invoice issuing software as first temporary session feature code information and taking the temporary session feature code information filled in the second authority authentication page as second temporary session feature code information; calculating the similarity of the first temporary session feature code information and the second temporary session feature code information, and comparing the corresponding similarity with a second preset similarity; if the similarity of the first temporary session feature code information and the second temporary session feature code information is greater than or equal to the second preset similarity, marking the invoice issuer to pass the second identity authentication, and providing a third authority authentication page of the electronic invoice issuing software for the invoice issuer; if the similarity of the first temporary session feature code information and the second temporary session feature code information is smaller than the second preset similarity, marking that the invoice issuer does not pass the authority authentication, stopping a subsequent authority authentication flow, and providing a first authority authentication page of the electronic invoice issuing software for the invoice issuer again;

If the invoice issuer passes the second identity verification, the biological identification information acquired through the third authority authentication page is used as real-time biological identification information and is compared with the biological identification information stored in the database in advance; if the database contains the biological identification information with the similarity with the real-time biological identification information being greater than or equal to the third preset similarity, marking the invoice issuer to pass the third identity verification and marking the invoice issuer to pass the authority authentication; if the database does not have the biological identification information with the similarity larger than or equal to the third preset similarity, marking that the invoice issuer fails the third authentication, stopping the subsequent authority authentication flow, and providing the first authority authentication page of the electronic invoice issuing software for the invoice issuer again.

In an embodiment of the invention, the encryption algorithm includes at least one of: RSA encryption algorithm, digital signature algorithm, elliptic curve encryption algorithm, and ElGamal encryption algorithm.

The invention also provides an electronic ticket issuing system based on the encryption algorithm, which comprises:

The encryption algorithm module is used for generating a public key for data encryption through an encryption algorithm according to the certificate information of the invoice issuer and the certificate information of the invoice receiver;

the electronic invoice data encryption module is used for encrypting the data plaintext provided by the invoice receiver by utilizing the public key to obtain the data ciphertext;

the data ciphertext transmission module is used for transmitting the data ciphertext to the invoice issuer according to a communication link which is established in advance or in real time between the invoice issuer and the invoice receiver;

the electronic invoice issuing module is used for receiving and responding to an invoice issuing request generated by the invoice issuing party on electronic invoice issuing software, authenticating authority of the invoice issuing party, and providing an invoice issuing page for the invoice issuing party after the invoice issuing party passes the authority authentication; after the confirmation instruction on the invoice issuing page is triggered, generating an electronic invoice based on invoice data filled in the invoice issuing page;

the electronic invoice encryption module is used for encrypting the electronic invoice by utilizing the public key, storing the encrypted electronic invoice into a server determined in advance or in real time, and generating corresponding invoice address information;

The encryption electronic invoice downloading module is used for transmitting the invoice address information to the invoice receiver according to a communication link which is established in advance or in real time between the invoice issuer and the invoice receiver, so that the invoice receiver accesses the server through the invoice address information and downloads the encryption electronic invoice; or transmitting the invoice address information to the invoice issuer so that the invoice issuer accesses the server through the invoice address information and downloads the encrypted electronic invoice.

The invention also provides an electronic ticket issuing equipment based on the encryption algorithm, which comprises:

a processor; and, a step of, in the first embodiment,

a computer readable medium storing instructions that, when executed by the processor, cause the apparatus to perform the encryption algorithm-based electronic ticketing method as set forth in any one of the above.

The present invention also provides a computer readable medium having instructions stored thereon, the instructions being loaded by a processor and executing the encryption algorithm-based electronic ticket issuing method as described in any of the above.

As described above, the present invention provides an electronic ticket issuing method, system, device and medium based on encryption algorithm, which has the following beneficial effects:

The method comprises the steps of firstly generating a public key for encrypting data to be transmitted when the data transmission is carried out between an invoice issuer and an invoice receiver through an encryption algorithm based on certificate information of the invoice issuer and the invoice receiver; then when the invoice receiver needs the invoice issuer to issue electronic invoice data, encrypting the data plaintext provided by the invoice receiver by using the public key to obtain the data ciphertext; and then according to a communication link established in advance or in real time between the invoice issuer and the invoice receiver, sending the data ciphertext to the invoice issuer, and decrypting the data ciphertext by the invoice issuer according to the first private key of the invoice issuer, thereby obtaining a data plaintext provided by the invoice receiver. Meanwhile, the invoice issuing side fills corresponding data plaintext on an invoice issuing page provided by the electronic invoice issuing software, and after triggering a confirmation instruction on the invoice issuing page, the electronic invoice issuing software directly issues an electronic invoice required by an invoice receiver; the electronic invoice is encrypted by the public key and then stored in a server, and invoice address information is generated at the same time; when the invoice issuer or the invoice receiver accesses the server through the invoice address information, the corresponding encrypted electronic invoice can be downloaded, and finally the invoice issuer decrypts the encrypted electronic invoice according to the first private key of the invoice issuer or the invoice receiver according to the second private key of the invoice issuer, so that the electronic invoice issued by the electronic invoice issuing software can be obtained. Therefore, the invention firstly encrypts the data plaintext provided by the invoice receiver by using the public key, and only the invoice issuer or the invoice receiver can decrypt by using the private key of the invoice issuer or the invoice receiver, thereby avoiding that detailed information in the data plaintext provided by the invoice receiver is collected by irrelevant personnel; meanwhile, after the electronic invoice is issued by the electronic invoice issuing software, the electronic invoice is encrypted by using the public key, and only the invoice issuing party or the invoice receiving party can decrypt by using the private key of the invoice issuing party or the invoice receiving party, so that detailed information in the electronic invoice can be prevented from being collected by irrelevant personnel. Therefore, by encrypting the data plaintext provided by the invoice receiver and encrypting the electronic invoice, the invention can avoid the detailed information in the processes of issuing the electronic invoice by the invoice issuer and the invoice receiver from being collected by irrelevant personnel, and can not leak business secrets such as business flow processes of transactions at the upstream and the downstream of enterprises in the process of issuing the invoice, thereby enhancing the protection intensity of invoice information and improving the data information safety of the enterprises.

Drawings

FIG. 1 is a schematic diagram of an exemplary system architecture to which the teachings of one or more embodiments of the present invention may be applied;

FIG. 2 is a flow chart of an electronic invoice issuing method based on an encryption algorithm according to an embodiment of the invention;

fig. 3 is a schematic hardware structure diagram of an electronic ticket issuing system based on an encryption algorithm according to an embodiment of the present invention;

fig. 4 is a schematic diagram of a hardware architecture of an electronic ticketing apparatus based on encryption algorithms suitable for implementing one or more embodiments of the present invention.

Detailed Description

Other advantages and effects of the present invention will become apparent to those skilled in the art from the following disclosure, which describes the embodiments of the present invention with reference to specific examples. The invention may be practiced or carried out in other embodiments that depart from the specific details, and the details of the present description may be modified or varied from the spirit and scope of the present invention. It should be noted that the following embodiments and features in the embodiments may be combined with each other without conflict.

It should be noted that, the illustrations provided in the present embodiment merely illustrate the basic concept of the present invention by way of illustration, and only the components related to the present invention are shown in the drawings and are not drawn according to the number, shape and size of the components in actual implementation, and the form, number and proportion of the components in actual implementation may be arbitrarily changed, and the layout of the components may be more complex.

FIG. 1 illustrates a schematic diagram of an exemplary system architecture to which the teachings of one or more embodiments of the present invention may be applied. As shown in fig. 1, system architecture 100 may include a terminal device 110, a network 120, and a server 130. Terminal device 110 may include various electronic devices such as smart phones, tablet computers, notebook computers, desktop computers, and the like. The server 130 may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud computing services. Network 120 may be a communication medium of various connection types capable of providing a communication link between terminal device 110 and server 130, and may be, for example, a wired communication link or a wireless communication link.

The system architecture in embodiments of the present invention may have any number of terminal devices, networks, and servers, as desired for implementation. For example, the server 130 may be a server group composed of a plurality of server devices. In addition, the technical solution provided in the embodiment of the present invention may be applied to the terminal device 110, or may be applied to the server 130, or may be implemented by the terminal device 110 and the server 130 together, which is not limited in particular.

In one embodiment of the present invention, the terminal device 110 or the server 130 of the present invention may generate, based on the certificate information of the invoice issuer and the invoice receiver, a public key for encrypting data to be transmitted when data transmission is performed between the invoice issuer and the invoice receiver through an encryption algorithm; then when the invoice receiver needs the invoice issuer to issue electronic invoice data, encrypting the data plaintext provided by the invoice receiver by using the public key to obtain the data ciphertext; and then according to a communication link established in advance or in real time between the invoice issuer and the invoice receiver, sending the data ciphertext to the invoice issuer, and decrypting the data ciphertext by the invoice issuer according to the first private key of the invoice issuer, thereby obtaining a data plaintext provided by the invoice receiver. Meanwhile, the invoice issuing side fills corresponding data plaintext on an invoice issuing page provided by the electronic invoice issuing software, and after triggering a confirmation instruction on the invoice issuing page, the electronic invoice issuing software directly issues an electronic invoice required by an invoice receiver; the electronic invoice is encrypted by the public key and then stored in a server, and invoice address information is generated at the same time; when the invoice issuer or the invoice receiver accesses the server through the invoice address information, the corresponding encrypted electronic invoice can be downloaded, and finally the invoice issuer decrypts the encrypted electronic invoice according to the first private key of the invoice issuer or the invoice receiver according to the second private key of the invoice issuer, so that the electronic invoice issued by the electronic invoice issuing software can be obtained. The electronic invoice issuing method based on the encryption algorithm is executed by using the terminal equipment 110 or the server 130, the data plaintext provided by the invoice receiver can be encrypted by using the public key, and only the invoice issuing party or the invoice receiver can decrypt by using the private key of the invoice issuing party, so that the detailed information in the data plaintext provided by the invoice receiver can be prevented from being collected by irrelevant personnel; meanwhile, after the electronic invoice is issued by the electronic invoice issuing software, the electronic invoice is encrypted by using the public key, and only the invoice issuing party or the invoice receiving party can decrypt by using the private key of the invoice issuing party or the invoice receiving party, so that detailed information in the electronic invoice can be prevented from being collected by irrelevant personnel. Therefore, by encrypting the data plaintext provided by the invoice receiver and encrypting the electronic invoice, the invention can avoid the detailed information in the processes of issuing the electronic invoice by the invoice issuer and the invoice receiver from being collected by irrelevant personnel, and can not leak business secrets such as business flow processes of transactions at the upstream and the downstream of enterprises in the process of issuing the invoice, thereby enhancing the protection intensity of invoice information and improving the data information safety of the enterprises.

The above section describes the content of an exemplary system architecture to which the technical scheme of the present invention is applied, and the electronic ticket issuing method based on the encryption algorithm of the present invention is further described.

Fig. 2 is a schematic flow chart of an electronic ticket issuing method based on an encryption algorithm according to an embodiment of the present invention. Specifically, in an exemplary embodiment, as shown in fig. 2, the present embodiment provides an electronic ticket issuing method based on an encryption algorithm, which includes the following steps:

s210, generating a public key for data encryption through an encryption algorithm based on the certificate information of the invoice issuer and the certificate information of the invoice receiver. As an example, the encryption algorithm in the present embodiment may be an asymmetric encryption algorithm, including but not limited to: an asymmetric encryption algorithm such as an RSA (Rivest-Shamir-Adleman, abbreviated as RSA) encryption algorithm, a digital signature algorithm (Digital Signature Algorithm, abbreviated as DSA), an elliptic curve encryption algorithm (Elliptic Curve Cryptography, abbreviated as ECC), an ElGamal (ElGamal Encryption, abbreviated as ElGamal) encryption algorithm, and the like.

S220, encrypting a data plaintext provided by an invoice receiver by using a public key to obtain a data ciphertext;

S230, transmitting the data ciphertext to the invoice issuer according to a communication link established in advance or in real time between the invoice issuer and the invoice receiver;

s240, receiving and responding to an invoice issuing request generated by an invoice issuing party on electronic invoice issuing software, authenticating authority of the invoice issuing party, and providing an invoice issuing page for the invoice issuing party after the invoice issuing party passes the authority authentication; after the confirmation instruction on the invoice issuing page is triggered, generating an electronic invoice based on invoice data filled in the invoice issuing page;

s250, encrypting the electronic invoice by using the public key, storing the encrypted electronic invoice into a server determined in advance or in real time, and generating corresponding invoice address information;

s260, transmitting invoice address information to the invoice receiver according to a communication link established in advance or in real time between the invoice issuer and the invoice receiver, so that the invoice receiver accesses a server through the invoice address information, and downloads the encrypted electronic invoice; or transmitting the invoice address information to the invoice issuer so that the invoice issuer can access the server through the invoice address information to download the encrypted electronic invoice. In this embodiment, the manner of transmitting the address information may be e-mail, sms, or the like.

Therefore, the embodiment firstly encrypts the data plaintext provided by the invoice receiver by using the public key, and only the invoice issuer or the invoice receiver can decrypt by using the private key of the invoice issuer or the invoice receiver, so that detailed information in the data plaintext provided by the invoice receiver can be prevented from being collected by irrelevant personnel; meanwhile, after the electronic invoice is issued by the electronic invoice issuing software, the electronic invoice is encrypted by using the public key, and only the invoice issuing party or the invoice receiving party can decrypt by using the private key of the invoice issuing party or the invoice receiving party, so that detailed information in the electronic invoice can be prevented from being collected by irrelevant personnel. Therefore, according to the embodiment, through encrypting the data plaintext provided by the invoice receiver and encrypting the electronic invoice, detailed information in the electronic invoice issuing process of an invoice issuer and the invoice receiver can be prevented from being collected by irrelevant personnel, business secrets such as business flow processes of the business at the upstream and the downstream can not be leaked in the invoice issuing process, the invoice information protection intensity is enhanced, and the data information safety of the business is improved. In this embodiment, the invoice issuer is the institution or person providing the goods or services and the invoice recipient is the institution or person purchasing the goods or services.

In an exemplary embodiment of the present invention, after providing the invoice issuing page to the invoice issuer, the embodiment may further include: comparing all the areas to be filled in the invoice issuing page at the current moment with all the areas to be filled in the invoice issuing page at the previous moment, and determining whether filling data exist in all the areas to be filled in the invoice issuing page; if all the areas to be filled in the invoice issuing page have no filling data or the current moment is the initial moment, comparing the areas to be filled in the next moment; if at least one area to be filled in the invoice issuing page has filling data, the invoice issuing page is associated with the filling data on the invoice issuing page at the current moment, and invoice data to be confirmed are generated; performing character recognition on the data plaintext through a character recognition model to obtain a first character segment; performing character recognition on invoice data to be confirmed through a character recognition model to obtain a second character segment; calculating the similarity of the first character segment and the second character segment, and comparing the calculated similarity with a first preset similarity; if the calculated similarity is smaller than the first preset similarity, hiding a confirmation instruction on the invoice issuing page; and if the calculated similarity is greater than or equal to the first preset similarity, displaying a confirmation instruction on the invoice issuing page. Therefore, after the invoice issuing side is provided with the invoice issuing page, the embodiment monitors the filling data on the invoice issuing page, determines whether the filling data is consistent with the data plaintext provided by the invoice receiver, and if so, displays the confirmation instruction on the invoice issuing page so as to enable the electronic invoice issuing software to carry out the electronic invoice issuing flow by triggering the corresponding confirmation instruction. If the invoice is inconsistent, hiding a confirmation instruction on an invoice issuing page so as to avoid issuing an electronic invoice with an error. In this embodiment, the first preset similarity may be set according to actual situations, which is not limited to a specific numerical value in this embodiment. If the calculated similarity of the first character segment and the second character segment is greater than or equal to the first preset similarity, the first character segment and the second character segment are the same, namely the filling data on the invoice issuing page is consistent with the data plaintext provided by the invoice receiver; in contrast, if the calculated similarity between the first character segment and the second character segment is smaller than the first preset similarity, the first character segment and the second character segment are different or not identical, that is, the filling data on the invoice issuing page is inconsistent or not completely consistent with the data plaintext provided by the invoice receiving party.

In an exemplary embodiment of the present invention, when generating the public key for encrypting data by the encryption algorithm, the embodiment may further include: generating a first private key and a second private key through an encryption algorithm based on certificate information of an invoice issuer and certificate information of an invoice receiver; storing the first private key to a local terminal of the invoice issuer so that the invoice issuer can decrypt the data encrypted by the public key by using the first private key; and storing the second private key to a local terminal of the invoice receiver so that the invoice receiver can decrypt the data encrypted by the public key by using the second private key. As an example, the certificate information in the embodiment may be set according to actual situations, for example, if the invoice issuer or the invoice receiver is an individual, the corresponding certificate information may be identity card information; if the invoice issuer or the invoice receiver is an enterprise, the corresponding certificate information may be enterprise certificate information. As an example, after generating the first private key and the second private key, when receiving the data ciphertext for the invoice issuer, the embodiment may further include: and decrypting the data ciphertext by using the first private key to obtain the data plaintext provided by the invoice receiver so that the invoice issuer fills data in the area to be filled of the invoice issuing page. As another example, after generating the first private key and the second private key, the invoice issuer accesses the server through the invoice address information and downloads the encrypted electronic invoice, and the embodiment may further include: and decrypting the encrypted electronic invoice by using the first private key to obtain the electronic invoice generated by the electronic invoice issuing software. As yet another example, after the first private key and the second private key are generated, the invoice receiver accesses the server through the invoice address information, and downloads the encrypted electronic invoice, and the embodiment may further include: and decrypting the encrypted electronic invoice by using the second private key to obtain the electronic invoice generated by the electronic invoice issuing software. It can be known that, in this embodiment, the public key is used to encrypt the data plaintext provided by the invoice receiver, the invoice issuer can decrypt the data plaintext by using the first private key, and the invoice receiver can decrypt the data plaintext by using the second private key; and other institutions or personnel except the invoice issuer and the invoice receiver cannot decrypt the data ciphertext, so that detailed information in the data text provided by the invoice receiver can be prevented from being collected by irrelevant personnel. In addition, after the electronic invoice is issued by the electronic invoice issuing software, if the electronic invoice is encrypted by the public key, only the invoice issuing party or the invoice receiving party can decrypt by using the private key of the invoice issuing party or the invoice receiving party, so that detailed information in the electronic invoice can be prevented from being collected by irrelevant personnel. Therefore, the embodiment can avoid the detailed information in the electronic invoice issuing process of the invoice issuing party and the invoice receiving party from being collected by irrelevant personnel, and the business secrets such as the business circulation flow of the business at the upstream and the downstream can not be leaked in the invoice issuing process, thereby enhancing the invoice information protection intensity and improving the data information security of the business.

In an exemplary embodiment of the present invention, the process of authenticating rights of an invoice issuer includes: providing an authority authentication page of electronic invoice issuing software for an invoice issuing party; the authority authentication page is used for inputting identity information by an invoice issuer, and the identity information comprises: account information, password information, temporary session feature code information, and biometric information; receiving identity information input by an invoice issuer through a permission authentication page, and taking the identity information input by the invoice issuer as permission authentication information of the invoice issuer; performing a first authentication of an invoice issuer based on account information and password information; after the invoice issuer passes the first authentication, performing a second authentication on the invoice issuer based on the temporary session feature code information; after the invoice issuer passes the second authentication, performing a third authentication on the invoice issuer based on the biological identification information; if the invoice issuer passes the third authentication, marking the invoice issuer to pass the authority authentication; if the invoice issuer fails the first authentication, the second authentication or the third authentication, the invoice issuer is marked as not passing the authority authentication.

Specifically, the embodiment performs the first authentication on the invoice issuer based on the account information and the password information; after the invoice issuer passes the first authentication, performing a second authentication on the invoice issuer based on the temporary session feature code information; and after the invoice issuer passes the second authentication, performing a third authentication on the invoice issuer based on the biometric information, including:

providing a first authority authentication page of electronic invoice issuing software for an invoice issuing party;

if account information and password information input by the invoice issuer on the first authority authentication page exist in the database, marking the invoice issuer as passing through the first identity authentication, issuing temporary session feature code information to the invoice issuer, and providing a second authority authentication page of the electronic invoice issuer; otherwise, if the account information or the password information input by the invoice issuer on the first authority authentication page does not exist in the database, marking that the invoice issuer does not pass the authority authentication, stopping the subsequent authority authentication flow, and providing the first authority authentication page of the electronic invoice issuing software for the invoice issuer again;

If the invoice issuer passes the first authentication, taking the temporary session feature code information issued by the electronic invoice issuing software as first temporary session feature code information and taking the temporary session feature code information filled in the second authority authentication page as second temporary session feature code information; calculating the similarity of the first temporary session feature code information and the second temporary session feature code information, and comparing the corresponding similarity with a second preset similarity; if the similarity of the first temporary session feature code information and the second temporary session feature code information is greater than or equal to the second preset similarity, marking the invoice issuer to pass the second identity authentication, and providing a third authority authentication page of the electronic invoice issuing software for the invoice issuer; if the similarity of the first temporary session feature code information and the second temporary session feature code information is smaller than the second preset similarity, marking that the invoice issuer does not pass the authority authentication, stopping the subsequent authority authentication flow, and providing a first authority authentication page of the electronic invoice issuer again;

if the invoice issuer passes the second authentication, the biological identification information acquired through the third authority authentication page is used as real-time biological identification information and is compared with the biological identification information stored in the database in advance; if the database contains the biological identification information with the similarity with the real-time biological identification information being greater than or equal to the third preset similarity, marking the invoice issuer to pass the third identity verification and marking the invoice issuer to pass the authority authentication; if the database does not have the biological identification information with the similarity greater than or equal to the third preset similarity, marking that the invoice issuer fails the third authentication, stopping the subsequent authority authentication flow, and providing the first authority authentication page of the electronic invoice issuer again.

In this embodiment, the second preset similarity and the third preset similarity may be set according to actual situations, which is not limited in specific numerical values in this embodiment. If the similarity of the first temporary session feature code information and the second temporary session feature code information is greater than or equal to the second preset similarity, the first temporary session feature code information and the second temporary session feature code information are the same; otherwise, if the similarity between the first temporary session feature code information and the second temporary session feature code information is smaller than the second preset similarity, the first temporary session feature code information and the second temporary session feature code information are different or not identical. Similarly, if the similarity between the real-time biometric information and at least one of the biometric information stored in the database in advance is greater than or equal to the third preset similarity, the real-time biometric information is indicated to have the same biometric information in the database; otherwise, if the similarity between the real-time biometric information and all the biometric information in the biometric information stored in the database in advance is smaller than the third preset similarity, it indicates that the same biometric information does not exist in the database in the real-time biometric information.

It can be seen that, in this embodiment, the account information and the password information form a first layer of identity authentication, the temporary session feature code information forms a second layer of identity authentication, and the biometric information forms a third layer of identity authentication; and each layer of identity authentication is passed before entering the lower layer of identity authentication, if the upper layer of identity authentication is not passed, directly marking that the authority authentication is not passed, stopping the subsequent authority authentication flow, and providing a first authority authentication page of the electronic invoice issuing software for the invoice issuing party again. Therefore, the access authority can be limited by setting the multi-layer identity authentication mechanism, the access control and identity information inquiry functions of the electronic invoice issuing software are realized, the electronic invoice issuing software is prevented from being accessed by irrelevant personnel, the business secret of an enterprise is effectively protected, and the enterprise is helped to maintain normal operation.

In summary, the invention provides an electronic issuing and issuing method based on an encryption algorithm, which generates a public key for encrypting data to be transmitted when data transmission is performed between an invoice issuing party and an invoice receiving party through the encryption algorithm based on certificate information of the invoice issuing party and the invoice receiving party; then when the invoice receiver needs the invoice issuer to issue electronic invoice data, encrypting the data plaintext provided by the invoice receiver by using the public key to obtain the data ciphertext; and then according to a communication link established in advance or in real time between the invoice issuer and the invoice receiver, sending the data ciphertext to the invoice issuer, and decrypting the data ciphertext by the invoice issuer according to the first private key of the invoice issuer, thereby obtaining a data plaintext provided by the invoice receiver. Meanwhile, the invoice issuing side fills corresponding data plaintext on an invoice issuing page provided by the electronic invoice issuing software, and after triggering a confirmation instruction on the invoice issuing page, the electronic invoice issuing software directly issues an electronic invoice required by an invoice receiver; the electronic invoice is encrypted by the public key and then stored in a server, and invoice address information is generated at the same time; when the invoice issuer or the invoice receiver accesses the server through the invoice address information, the corresponding encrypted electronic invoice can be downloaded, and finally the invoice issuer decrypts the encrypted electronic invoice according to the first private key of the invoice issuer or the invoice receiver according to the second private key of the invoice issuer, so that the electronic invoice issued by the electronic invoice issuing software can be obtained. Therefore, the method firstly encrypts the data plaintext provided by the invoice receiver by using the public key, and only the invoice issuer or the invoice receiver can decrypt by using the private key of the invoice issuer or the invoice receiver, so that the detailed information in the data plaintext provided by the invoice receiver can be prevented from being collected by irrelevant personnel; meanwhile, after the electronic invoice is issued by the electronic invoice issuing software, the electronic invoice is encrypted by using the public key, and only the invoice issuing party or the invoice receiving party can decrypt by using the private key of the invoice issuing party or the invoice receiving party, so that detailed information in the electronic invoice can be prevented from being collected by irrelevant personnel. Therefore, by encrypting the data plaintext provided by the invoice receiver and encrypting the electronic invoice, the method can avoid the detailed information of the invoice issuer and the invoice receiver in the electronic invoice issuing process from being collected by irrelevant personnel, can not leak business secrets such as business flow processes of business at the upstream and downstream of an enterprise in the invoice issuing process, enhances the invoice information protection intensity and improves the data information safety of the enterprise.

As shown in fig. 3, the present invention further provides an electronic ticket issuing system based on an encryption algorithm, which includes:

the encryption algorithm module 310 is configured to generate a public key for encrypting data according to the certificate information of the invoice issuer and the certificate information of the invoice receiver through an encryption algorithm. As an example, the encryption algorithm in the present embodiment may be an asymmetric encryption algorithm, including but not limited to: an RSA encryption algorithm, a digital signature algorithm, an elliptic curve encryption algorithm, an ElGamal encryption algorithm and other asymmetric encryption algorithms.

The electronic invoice data encryption module 320 is configured to encrypt a data plaintext provided by an invoice receiver by using a public key to obtain a data ciphertext;

the data ciphertext transmission module 330 transmits the data ciphertext to the invoice issuer according to a communication link established in advance or in real time between the invoice issuer and the invoice receiver;

the electronic invoice issuing module 340 is configured to receive and respond to an invoice issuing request generated by an invoice issuing party on electronic invoice issuing software, perform authority authentication on the invoice issuing party, and provide an invoice issuing page to the invoice issuing party after the invoice issuing party passes the authority authentication; after the confirmation instruction on the invoice issuing page is triggered, generating an electronic invoice based on invoice data filled in the invoice issuing page;

The electronic invoice encryption module 350 is configured to encrypt an electronic invoice using a public key, store the encrypted electronic invoice in a server determined in advance or in real time, and generate corresponding invoice address information;

the encrypted electronic invoice downloading module 360 is configured to transmit invoice address information to an invoice receiver according to a communication link established in advance or in real time between an invoice issuer and the invoice receiver, so that the invoice receiver accesses a server through the invoice address information to download the encrypted electronic invoice; or transmitting the invoice address information to the invoice issuer so that the invoice issuer can access the server through the invoice address information to download the encrypted electronic invoice. In this embodiment, the manner of transmitting the address information may be e-mail, sms, or the like.

It should be noted that, the electronic invoice issuing system based on the encryption algorithm provided in the foregoing embodiment and the electronic invoice issuing method based on the encryption algorithm provided in the foregoing embodiment belong to the same concept, and a specific manner of performing an operation of the electronic invoice issuing method based on the encryption algorithm has been described in detail in the foregoing method embodiment, which is not repeated herein. In practical application, the electronic ticket issuing system based on the encryption algorithm provided in the above embodiment may allocate the functions to different functional modules according to needs, that is, the internal structure of the system is divided into different functional modules to complete all or part of the functions described above, which is not limited herein. For example, the encryption algorithm module 310 may be configured to perform the above-described step S210 and its associated processes, the electronic invoice data encryption module 320 may be configured to perform the above-described step S220 and its associated processes, the data ciphertext transmission module 330 may be configured to perform the above-described step S230 and its associated processes, the electronic invoice issuing module 340 may be configured to perform the above-described step S240 and its associated processes, the electronic invoice encryption module 350 may be configured to perform the above-described step S250 and its associated processes, and the encrypted electronic invoice download module 360 may be configured to perform the above-described step S260 and its associated processes.

It should be noted that, in the above embodiment, when the related data (such as account information, password information, temporary session feature code information, and biometric information) is collected, stored, used, processed, transmitted, provided, disclosed, deleted, etc., the processing is performed with or without user consent. Such as account information, password information, temporary session feature code information, and biometric information, is authorized with the user's knowledge and consent; either the user is actively provided after reading the relevant description, or the user is actively authorized/provided/uploaded, or otherwise obtained through or informed of the user's consent, while using some or all of the functions described in the above embodiments.

The embodiment of the invention also provides an electronic ticket issuing equipment based on the encryption algorithm, which can comprise: one or more processors; and one or more machine readable media having instructions stored thereon that, when executed by the one or more processors, cause the apparatus to perform the encryption algorithm-based electronic ticketing method described in fig. 2. Fig. 4 shows a schematic structural diagram of an electronic ticket issuing apparatus 1000 based on an encryption algorithm. Referring to fig. 4, an electronic ticketing apparatus 1000 based on an encryption algorithm includes: processor 1010, memory 1020, power supply 1030, display unit 1040, and input unit 1060.

The processor 1010 is a control center of the electronic ticketing apparatus 1000 based on the encryption algorithm, connects respective components using various interfaces and lines, and performs various functions of the electronic ticketing apparatus 1000 based on the encryption algorithm by running or executing software programs and/or data stored in the memory 1020, thereby performing overall monitoring of the electronic ticketing apparatus 1000 based on the encryption algorithm. In an embodiment of the present invention, the processor 1010 executes an electronic ticket issuing method based on an encryption algorithm as described in fig. 2 when it invokes a computer program stored in the memory 1020. In the alternative, processor 1010 may include one or more processing units; preferably, the processor 1010 may integrate an application processor that primarily handles operating systems, user interfaces, applications, etc., with a modem processor that primarily handles wireless communications. In some embodiments, the processor, memory, may be implemented on a single chip, and in some embodiments, they may be implemented separately on separate chips.

The memory 1020 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, various applications, etc.; the storage data area may store data created according to the use of the electronic ticketing apparatus 1000 based on an encryption algorithm, and the like. In addition, memory 1020 may include high-speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state memory device, among others.

The electronic ticket issuing equipment 1000 based on the encryption algorithm further comprises a power supply 1030 (such as a battery) for supplying power to each component, and the power supply can be logically connected with the processor 1010 through a power management system, so that functions of managing charging, discharging, power consumption and the like are realized through the power management system.

The display unit 1040 may be used to display information input by a user or information provided to the user, various menus of the electronic ticketing apparatus 1000 based on the encryption algorithm, and the like, and in the embodiment of the present invention, the display unit is mainly used to display a display interface of each application in the electronic ticketing apparatus 1000 based on the encryption algorithm, and objects such as text and pictures displayed in the display interface. The display unit 1040 may include a display panel 1050. The display panel 1050 may be configured in the form of a liquid crystal display (Liquid Crystal Display, LCD), an Organic Light-Emitting Diode (OLED), or the like.

The input unit 1060 may be used to receive information such as numbers or characters input by a user. The input unit 1060 may include a touch panel 1070 and other input devices 1080. Wherein the touch panel 1070, also referred to as a touch screen, may collect touch operations thereon or thereabout by a user (e.g., operations of the user on the touch panel 1070 or thereabout by using any suitable object or accessory such as a finger, a stylus, etc.).

Specifically, the touch panel 1070 may detect a touch operation by a user, detect signals resulting from the touch operation, convert the signals into coordinates of contacts, send the coordinates to the processor 1010, and receive and execute commands sent from the processor 1010. In addition, the touch panel 1070 may be implemented in various types such as resistive, capacitive, infrared, and surface acoustic wave. Other input devices 1080 may include, but are not limited to, one or more of a physical keyboard, function keys (e.g., volume control keys, power on and off keys, etc.), a trackball, mouse, joystick, etc.

Of course, the touch panel 1070 may overlay the display panel 1050, and when a touch operation is detected on or near the touch panel 1070, the touch operation is transmitted to the processor 1010 to determine the type of touch event, and then the processor 1010 provides a corresponding visual output on the display panel 1050 according to the type of touch event. Although in fig. 4, the touch panel 1070 and the display panel 1050 are two separate components for implementing the input and output functions of the electronic ticketing apparatus 1000 based on the encryption algorithm, in some embodiments, the touch panel 1070 and the display panel 1050 may be integrated to implement the input and output functions of the electronic ticketing apparatus 1000 based on the encryption algorithm.

The electronic ticketing apparatus 1000 based on encryption algorithms can also include one or more sensors, such as pressure sensors, gravitational acceleration sensors, proximity light sensors, and the like. Of course, the electronic ticket issuing apparatus 1000 based on the encryption algorithm may also include other components such as a camera, as required in a specific application.

The embodiment of the invention also provides a computer readable storage medium, wherein instructions are stored in the storage medium, and when one or more processors execute the instructions, the equipment can execute the electronic ticket issuing method based on the encryption algorithm in the invention as shown in fig. 2.

It will be appreciated by those skilled in the art that fig. 4 is merely an example of an electronic ticketing rendering device based on encryption algorithms and is not limiting of the device, and the device may include more or less components than illustrated, or may combine certain components, or different components. For convenience of description, the above parts are described as being functionally divided into modules (or units) respectively. Of course, in implementing the present invention, the functions of each module (or unit) may be implemented in the same piece or pieces of software or hardware.

It will be appreciated by those skilled in the art that the invention can take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein. The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention, which are desirably implemented by computer program instructions, each flowchart and/or block diagram illustration, and combinations of flowchart illustrations and/or block diagrams. These computer program instructions may be applied to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

It should be understood that although the terms first, second, third, etc. may be used to describe the preset similarities, etc. in the embodiments of the present invention, these preset similarities should not be limited to these terms. These terms are only used to distinguish the preset similarities from each other. For example, the first predetermined similarity may also be referred to as a second predetermined similarity, and similarly, the second predetermined similarity may also be referred to as the first predetermined similarity, without departing from the scope of the embodiments of the present invention.

The above embodiments are merely illustrative of the principles of the present invention and its effectiveness, and are not intended to limit the invention. Modifications and variations may be made to the above-described embodiments by those skilled in the art without departing from the spirit and scope of the invention. Accordingly, it is intended that all equivalent modifications and variations of the invention be covered by the claims, which are within the ordinary skill of the art, be within the spirit and scope of the present disclosure.

Claims

1. An electronic ticket issuing method based on an encryption algorithm is characterized by comprising the following steps:

2. The electronic invoice issuing method based on encryption algorithm according to claim 1, wherein after providing an invoice issuing page to the invoice issuing party, the method further comprises:

3. The electronic ticket issuing method based on the encryption algorithm according to claim 1 or 2, wherein when a public key for data encryption is generated by the encryption algorithm, the method further comprises:

4. The electronic invoice issuing method based on encryption algorithm as claimed in claim 3, wherein after transmitting the data ciphertext to the invoice issuing party, further comprising: decrypting the data ciphertext by using the first private key to obtain a data plaintext provided by the invoice receiver so that the invoice issuer fills data in a region to be filled of an invoice issuing page;

5. The electronic invoice issuing method based on encryption algorithm according to claim 1, wherein the process of authority authentication of the invoice issuer comprises:

6. The electronic invoice issuing method based on encryption algorithm according to claim 5, wherein the invoice issuer is authenticated for the first time based on the account information and the password information; after the invoice issuer passes the first authentication, performing a second authentication on the invoice issuer based on the temporary session feature code information; and after the invoice issuer passes the second authentication, performing a third authentication on the invoice issuer based on the biometric information, wherein the third authentication comprises the following steps:

7. The electronic ticket issuing method based on the encryption algorithm according to claim 1, wherein the encryption algorithm comprises at least one of the following: RSA encryption algorithm, digital signature algorithm, elliptic curve encryption algorithm, and ElGamal encryption algorithm.

8. An electronic ticket issuing system based on an encryption algorithm is characterized by comprising:

9. An electronic ticket issuing equipment based on encryption algorithm, which is characterized by comprising:

a processor; and, a step of, in the first embodiment,

a computer readable medium storing instructions that, when executed by the processor, cause the apparatus to perform the encryption algorithm-based electronic ticketing method of any one of claims 1 to 7.

10. A computer readable medium having instructions stored thereon, the instructions being loaded by a processor and executing the encryption algorithm-based electronic ticket issuing method according to any of claims 1 to 7.