网络与信息安全学报 (Apr 2022)
Electronic invoice public verification scheme based on SM2 coalition signature algorithm
Abstract
In order to solve the current problems of electronic invoices, such as anti-counterfeiting, privacy leakage and low verification efficiency, an electronic invoice public verification architecture based on the national signature algorithm was proposed.Electronic invoice documents have complex data sources, sensitive user information on the ticket surface, frequent data flow and other characteristics as well as the demand for efficient public verification.Based on these motivations, the e-invoice generation and verification protocol was designed.Besides, a signature code generation scheme for invoice anti-counterfeiting was proposed based on certificate-free joint signature.Then multiple data verification and signatures of the invoicing party and the taxation authority can be realized.All kinds of invoice holders can not only verify the authenticity and data integrity of electronic invoices, but also publicly check the authenticity and data integrity of electronic invoices.The integration of data encryption algorithms protects user privacy data in electronic invoices, and at the same time can fulfill the requirements for authenticity or status verification under various invoice application scenarios.The checking party only needs to verify one signature to confirm the authenticity of the electronic invoice signed by both parties.Scyther security simulation tools were used to analyze the security of the proposed solution, which can verify the integrity and authenticity of the data source and check the confidentiality of the privacy data under various types of attacks.Compared with a typical overseas e-invoice checking scheme and a similar digital signature-based e-invoice checking scheme, the proposed scheme has obvious advantages in terms of checking efficiency and invoice file size.