Efficient Privacy Preserving Authentication Scheme for Online E-invoice Service

MA Ruhui; CAO Jin; LI Hui; YANG Chaozhong

doi:10.11999/JEIT210049

Volume 44 Issue 3

Mar. 2022

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2022 > 44(3): 1075-1085

MA Ruhui, CAO Jin, LI Hui, YANG Chaozhong. Efficient Privacy Preserving Authentication Scheme for Online E-invoice Service[J]. Journal of Electronics & Information Technology, 2022, 44(3): 1075-1085. doi: 10.11999/JEIT210049

Citation:

MA Ruhui, CAO Jin, LI Hui, YANG Chaozhong. Efficient Privacy Preserving Authentication Scheme for Online E-invoice Service[J]. Journal of Electronics & Information Technology, 2022, 44(3): 1075-1085. doi: 10.11999/JEIT210049

Citation:

PDF( 1363 KB)

Efficient Privacy Preserving Authentication Scheme for Online E-invoice Service

doi: 10.11999/JEIT210049

1.
School of Cyber Engineering, Xidian University, Xi’an 710126, China
2.
National Time Service Center, Chinese Academy of Sciences, Xi’an 710600, China

Funds: The National Key Research and Development Program of China (2018YFB0803900)，The National Natural Science Foundation of China (61772404, U1836203), The Key Research and Development Program of Shaanxi Province (2020ZDLGY08-08)

Received Date: 2021-01-18
Accepted Date: 2021-11-11
Rev Recd Date: 2021-11-11

Available Online: 2021-12-20

Publish Date: 2022-03-28

Abstract

Abstract

In recent years, the form of invoice has changed from the traditional paper invoice to e-invoice. Compared with issuing paper invoice, there are the advantages of simpler process, lower cost, and easier storage for online issuing e-invoice. However, how to ensure the legitimacy of user identity and the privacy of identity information in online issuing e-invoice service is the focus issue of current research. In order to solve this issue, by using the pre- shared key mechanism, a privacy preserving authentication scheme for online issuing e-invoice is proposed. By this scheme, a legitimate user who has completed a transaction with an enterprise can initiate an e-invoice request locally and online, and the e-invoice system of the State Administration of taxation can provide the user with e-invoices after verifying the identity information and transaction information successfully. Security and performance analysis results show that the proposed scheme can provide robust security properties with less authentication overhead.
- Network,
- E-invoice,
- Authentication,
- Privacy preserving

FullText(HTML)

References(25)

References

[1]	王玢. 电子发票系统与企业会计信息系统的协同对接研究[D]. [硕士论文], 首都经济贸易大学, 2017. WANG Fen. Study on synergy effect between E-invoice system and enterprise’s accounting system[D]. [Master dissertation], Capital University of Economics and Business, 2017.
[2]	徐丽军, 刘馨月. 关于电子发票推行的安全性问题研究[J]. 辽宁经济, 2018(7): 90–91. doi: 10.14041/j.cnki.1003-4617.2018.07.040 XU Lijun and LIU Xinyue. Research on the security of electronic invoice[J]. Liaoning Economy, 2018(7): 90–91. doi: 10.14041/j.cnki.1003-4617.2018.07.040
[3]	张庆胜, 刘海法. 基于区块链的电子发票系统研究[J]. 信息安全研究, 2017, 3(6): 516–522. doi: 10.3969/j.issn.2096-1057.2017.06.005 ZHANG Qingsheng and LIU Haifa. Research of electronic invoice system based on block chain[J]. Journal of Information Security Research, 2017, 3(6): 516–522. doi: 10.3969/j.issn.2096-1057.2017.06.005
[4]	李涛, 杜晓平, 杜晓媛, 等. 基于“互联网+”的发票一体化管理平台[J]. 国网技术学院学报, 2019, 22(4): 48–51. doi: 10.3969/j.issn.1008-3162.2019.04.014 LI Tao, DU Xiaoping, DU Xiaoyuan, et al. Invoice integrated management platform based on "Internet Plus"[J]. Journal of State Grid Technology College, 2019, 22(4): 48–51. doi: 10.3969/j.issn.1008-3162.2019.04.014
[5]	郝天新, 王海翔. 网络发票技术解决方案[J]. 现代电信科技, 2011, 41(10): 67–71. doi: 10.3969/j.issn.1002-5316.2011.10.024 HAO Tianxin and WANG Haixiang. Technology solution for online invoicing[J]. Modern Science &Technology of Telecommunications, 2011, 41(10): 67–71. doi: 10.3969/j.issn.1002-5316.2011.10.024
[6]	JAIN S and ASADULLAH A M. Aggregating bills and invoices on cloud for anytime anywhere access: A sustainable system[C]. The 3rd International Conference on Services in Emerging Markets, Mysore, India, 2012: 1–5.
[7]	CHU Hongyang, CHAI Yueting, LIU Yi, et al. A novel E-Invoice Framework towards data-oriented taxation system[C]. The IEEE 18th International Conference on Computer Supported Cooperative Work in Design (CSCWD), Hsinchu, China, 2014: 242–246.
[8]	ZHANG Wei. Online invoicing system based on QR code recognition and cloud storage[C]. The 2nd IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC), Xi'an, China, 2018: 2576–2579.
[9]	ŠPANIĆ D, RISTIĆ D, and VRDOLJAK B. An electronic invoicing system[C]. The 11th International Conference on Telecommunications, Graz, Austria, 2011: 149–156.
[10]	CHOI Y, LEE D, KIM J, et al. Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography[J]. Sensors, 2014, 14(6): 10081–10106. doi: 10.3390/s140610081
[11]	HE Debiao, KUMAR N, and CHILAMKURTI N. A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks[J]. Information Sciences, 2015, 321: 263–277. doi: 10.1016/j.ins.2015.02.010
[12]	CHANG C C and LE H D. A provably secure, efficient, and flexible authentication scheme for Ad hoc wireless sensor networks[J]. IEEE Transactions on Wireless Communications, 2016, 15(1): 357–366. doi: 10.1109/TWC.2015.2473165
[13]	LI Xiong, NIU Jianwei, BHUIYAN M Z A, et al. A robust ECC-based provable secure authentication protocol with privacy preserving for industrial internet of things[J]. IEEE Transactions on Industrial Informatics, 2018, 14(8): 3599–3609. doi: 10.1109/TII.2017.2773666
[14]	LI Xiong, PENG Jieyao, OBAIDAT M S, et al. A secure three-factor user authentication protocol with forward secrecy for wireless medical sensor network systems[J]. IEEE Systems Journal, 2020, 14(1): 39–50. doi: 10.1109/JSYST.2019.2899580
[15]	CUI Jie, ZHANG Xiaoyu, ZHONG Hong, et al. Extensible conditional privacy protection authentication scheme for secure vehicular networks in a multi-cloud environment[J]. IEEE Transactions on Information Forensics and Security, 2020, 15: 1654–1667. doi: 10.1109/TIFS.2019.2946933
[16]	XU Guoai, WANG Feifei, ZHANG Miao, et al. Efficient and provably secure anonymous user authentication scheme for patient monitoring using wireless medical sensor networks[J]. IEEE Access, 2020, 8: 47282–47294. doi: 10.1109/ACCESS.2020.2978891
[17]	YANG Qingyou, XUE Kaiping, XU Jie, et al. AnFRA: Anonymous and fast roaming authentication for space information network[J]. IEEE Transactions on Information Forensics and Security, 2019, 14(2): 486–497. doi: 10.1109/TIFS.2018.2854740
[18]	WANG Feifei, XU Guoai, and XU Guosheng. A provably secure anonymous biometrics-based authentication scheme for wireless sensor Networks Using Chaotic Map[J]. IEEE Access, 2019, 7: 101596–101608. doi: 10.1109/ACCESS.2019.2930542
[19]	QI Mingping, CHEN Jianhua, and CHEN Yitao. A secure biometrics-based authentication key exchange protocol for multi-server TMIS using ECC[J]. Computer Methods and Programs in Biomedicine, 2018, 164: 101–109. doi: 10.1016/j.cmpb.2018.07.008
[20]	The Tamarin Team. Tamarin-Prover manual security protocol analysis in the symbolic model[EB/OL]. https://tamarin-prover.github.io/manual/tex/tamarin-manual.pdf, 2021.
[21]	BASIN D, CREMERS C, KIM T H J, et al. Design, analysis, and implementation of ARPKI: An attack-resilient public-key infrastructure[J]. IEEE Transactions on Dependable and Secure Computing, 2018, 15(3): 393–408. doi: 10.1109/TDSC.2016.2601610
[22]	ROY S, CHATTERJEE S, DAS A K, et al. Chaotic map-based anonymous user authentication scheme with user biometrics and fuzzy extractor for crowdsourcing internet of things[J]. IEEE Internet of Things Journal, 2018, 5(4): 2884–2895. doi: 10.1109/JIOT.2017.2714179
[23]	SRINIVAS J, DAS A K, KUMAR N, et al. Cloud centric authentication for wearable healthcare monitoring system[J]. IEEE Transactions on Dependable and Secure Computing, 2020, 17(5): 942–956. doi: 10.1109/TDSC.2018.2828306
[24]	National Institute of Standards and Technology. SP 800-57 Recommendation for key management, part 1: General (Revised 4)[S]. National Institute of Standards and Technology, 2016.
[25]	National Institute of Standards and Technology. SP 800-56A Recommendation for pair-wise key establishment schemes using discrete logarithm cryptography (Revision 2)[S]. National Institute of Standards and Technology, 2013.