Security card face customization method and system based on homomorphic encryption and authorization factor

CN121211484BActive Publication Date: 2026-07-14金邦达有限公司

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
金邦达有限公司
Filing Date
2025-11-28
Publication Date
2026-07-14

AI Technical Summary

Technical Problem

Existing smart card face customization solutions have risks of user image data leakage, key transmission vulnerabilities, and a lack of refined authorization control, resulting in insufficient data security and controllability.

Method used

Homomorphic encryption and authorization factors are employed. The symmetric encryption key is encrypted with the homomorphic encryption public key to generate a process key. A one-time authorization factor is used to achieve blind key transmission and separation of decryption permissions, ensuring that the card customization platform cannot obtain plaintext images and the factory card production system can only decrypt them when authorized.

Benefits of technology

It achieves end-to-end privacy protection for user image data, ensuring that the factory can only decrypt it for specific orders, preventing key leakage, and enhancing the system's security, controllability, and precise authorization.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN121211484B_ABST
    Figure CN121211484B_ABST
Patent Text Reader

Abstract

The application provides a security card face customization method and system based on homomorphic encryption and authorization factors, which comprises the following steps: obtaining order information uploaded by a user end, and picture ciphertext and a process key corresponding to the order information; performing an audit operation in a trusted execution environment and returning an audit result; generating a one-time authorization factor corresponding to the order information after the individual picture passes the audit; using the homomorphism of homomorphic encryption, homomorphic encryption is performed on the process key based on the one-time authorization factor to obtain an authorization key; sending the picture ciphertext, the authorization key, the one-time authorization factor and the order information to a factory card system; the factory card system can recover a symmetric encryption key from the authorization key according to the one-time authorization factor and a saved homomorphic encryption private key, and restore the individual picture according to the symmetric encryption key, so that the problem that card face data is leaked and card order control is not fine enough in the existing smart card face customization process can be solved.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of smart card face customization technology, specifically to a secure card face customization method and system based on homomorphic encryption and authorization factors. Background Technology

[0002] With the increasing popularity of personalized customization services, the online card design customization business is also experiencing rapid growth. This business involves three parties: users, platforms, and card manufacturers. Users upload custom images to the platform, which is responsible for content review and order management, followed by printing and production by the card manufacturer. In this process, the card images uploaded by users may contain sensitive personal information, making it crucial to protect their privacy and security throughout the entire process.

[0003] Existing smart card face customization solutions have several security flaws. First, the platform server needs to perform intelligent review of user-uploaded images (such as content compliance checks), meaning the images exist in plaintext on the server, posing a high risk of data leakage. Once the platform server is attacked, all user images could be stolen. Second, the key transmission and management process also has vulnerabilities. Even if the platform server encrypts the stored images, the decryption key still needs to be transmitted to the card manufacturing factory. Current common key transmission methods (such as direct encrypted transmission) are still risky; the key may be intercepted or misused during transmission or after arriving at the factory, as either the platform or the factory may have full decryption capabilities. Furthermore, existing solutions lack minimum authorization and immediate control mechanisms. An ideal security state should achieve "decryption on demand" and "one-time key," meaning the factory can only decrypt the corresponding image when processing a specific order, and this permission expires immediately after use. However, current technology struggles to support such granular authorization management. Summary of the Invention

[0004] The primary objective of this invention is to provide a secure card face customization method based on homomorphic encryption and authorization factors, which can solve the problems of card face data leakage and insufficient control of card production orders in the existing smart card face customization process.

[0005] The second objective of this invention is to provide a system for implementing the above-mentioned method for customizing secure card faces based on homomorphic encryption and authorization factors.

[0006] To achieve the aforementioned primary objective, this invention provides a secure card face customization method based on homomorphic encryption and authorization factors, used in a card face customization platform. The method includes the following steps: obtaining order information uploaded by the user, as well as the corresponding image ciphertext and process key; wherein the process key is obtained by homomorphically encrypting the symmetric encryption key corresponding to the order information using a homomorphic encryption public key; the image ciphertext is used to encrypt a personalized image using the symmetric encryption key; an audit operation is performed in a trusted execution environment, the audit operation including: decrypting the process key using a homomorphic encryption private key to obtain a symmetric encryption key, and decrypting the image ciphertext using the symmetric encryption key to obtain the personalized image, auditing the personalized image, and returning the audit result; after the personalized image passes the audit, a one-time authorization factor corresponding to the order information is generated; utilizing the homomorphic property of homomorphic encryption, the process key is homomorphically encrypted based on the one-time authorization factor to obtain an authorization key; the image ciphertext, authorization key, one-time authorization factor, and order information are sent to a factory card production system; the factory card production system can recover the symmetric encryption key from the authorization key using the one-time authorization factor and the stored homomorphic encryption private key, and restore the personalized image using the symmetric encryption key.

[0007] As can be seen from the above scheme, the card customization platform of this invention can never obtain the plaintext of the symmetric key for decrypting the user's personalized image, nor does it need to store the image plaintext. This means that even if the platform database is compromised, attackers can only obtain the ciphertext of the image that cannot be decrypted and the process key that cannot be used directly, fundamentally protecting user privacy. This invention uniquely binds a one-time authorization factor to the order, requiring the card customization platform to generate a new one-time authorization factor for the current order every time the factory card production system decrypts. After production is completed, the one-time authorization factor becomes invalid, effectively preventing the symmetric encryption key recovered by the factory card production system from being used for other purposes. This invention conforms to the principle of least privilege, meaning that the factory can only recover the symmetric encryption key for decryption when it receives a clear authorization instruction from the platform (i.e., the one-time authorization factor), achieving precise authorization in the production process and enhancing the security and controllability of the entire system.

[0008] A further solution is to send the one-time authorization factor corresponding to the order information to the factory card-making system through a first independent secure channel; and to send the encrypted image and authorization key corresponding to the order information to the factory card-making system through a second independent secure channel.

[0009] Therefore, this invention can achieve separation of permissions and secure authorization. By introducing a one-time authorization factor and distributing the encrypted image and authorization key, along with the plaintext one-time authorization factor, through different secure channels, decryption permissions are separated. The card customization platform is responsible for "blinding" the key and transmitting data, while the factory card production system is responsible for final decryption; however, neither party can complete decryption independently. This effectively prevents key leakage caused by the compromise of internal personnel or a single node.

[0010] A further solution is to use a pre-set image recognition artificial intelligence model to review personalized images during the review process.

[0011] Therefore, it is evident that using existing image recognition AI models for review is more flexible than previous card review methods, and card customization platforms do not need to set up complex image review mechanisms, thus improving review efficiency.

[0012] A further approach is to utilize the homomorphism of homomorphic encryption to homomorphically encrypt the process key based on a one-time authorization factor. In the process of obtaining the authorization key, the homomorphism of the homomorphic encryption can be additive homomorphism, subtractive homomorphism, multiplicative homomorphism, or division homomorphism.

[0013] Therefore, it can be seen that the characteristics of homomorphic encryption can be fully utilized to establish a correlation between the one-time authorization factor and the process key, so that the subsequent factory card manufacturing system can recover the symmetric encryption key from the authorization key based on the one-time authorization factor.

[0014] A further approach is to include, upon returning the audit results, removing the symmetric encryption key and personalized images from the trusted execution environment.

[0015] Therefore, it is evident that after the review process, the symmetric encryption key and personalized image are also removed within the trusted execution environment. This ensures that plaintext data only appears during the review process and solely within the trusted execution environment, guaranteeing data security. The operating system of the card customization platform is unable to access the personalized image in plaintext form throughout the entire process.

[0016] A further approach is to uniquely correspond order information to both a symmetric encryption key and a one-time authorization factor.

[0017] To achieve the second objective mentioned above, this invention provides a secure card face customization system based on homomorphic encryption and authorization factors, comprising: a user client, a card face customization platform, and a factory card production system. The user client is connected to the card face customization platform, and the card face customization platform is connected to the factory card production system. The user client is used to: acquire uploaded personalized images; generate a symmetric encryption key corresponding to order information; ensure that order information corresponds to personalized images; obtain a homomorphic encryption public key from the card face customization platform; perform homomorphic encryption on the symmetric encryption key using the homomorphic encryption public key to obtain a process key; encrypt the personalized image using the symmetric encryption key to obtain image ciphertext; and upload the order information, image ciphertext, and process key to the card face customization platform. The card face customization platform is used to: The audit operation is performed in a trusted execution environment. The audit operation includes: decrypting the process key using a homomorphic encryption private key to obtain a symmetric encryption key, decrypting the image ciphertext using the symmetric encryption key to obtain a personalized image, auditing the personalized image, and returning the audit result; after the personalized image passes the audit, a one-time authorization factor corresponding to the order information is generated; using the homomorphic property of homomorphic encryption, the process key is homomorphically encrypted based on the one-time authorization factor to obtain an authorization key; the image ciphertext, authorization key, one-time authorization factor, and order information are sent to the factory card production system; the factory card production system is used to: recover the symmetric encryption key from the authorization key based on the one-time authorization factor and the saved homomorphic encryption private key, and restore the personalized image based on the symmetric encryption key.

[0018] As can be seen from the above scheme, the present invention, based on the key blinding and re-authorization mechanism of homomorphic encryption, enables the card face customization platform to "process" the already encrypted symmetric encryption key (i.e., associate it with a one-time authorization factor) through the homomorphism of homomorphic encryption without knowing the plaintext of the image key, and generate a new encryption that points to the final decryption party, thereby realizing the "one-time key" and "instant effect" of decryption permission.

[0019] A further solution is for the factory card manufacturing system to call the homomorphic encryption private key through the hardware encryption machine interface.

[0020] This demonstrates that it can prevent the leakage of plaintext private keys in homomorphic encryption.

[0021] A further approach is for the factory card manufacturing system to: decrypt the authorization key using the homomorphic encryption private key, then subtract the one-time authorization factor to recover the symmetric encryption key.

[0022] Therefore, it can be seen that the symmetric encryption key can be recovered by subtracting the one-time authorization factor based on the additive homomorphism of homomorphic encryption.

[0023] A further proposed solution is for the user client to: obtain the uploaded personalized image; obtain operation instructions that meet the set card printing rules; and edit the personalized image according to the operation instructions.

[0024] This demonstrates that the editing of uploaded personalized images must be subject to the established card printing rules. Attached Figure Description

[0025] Figure 1 This is a system architecture diagram of an embodiment of the secure card face customization system based on homomorphic encryption and authorization factors of the present invention.

[0026] Figure 2 This is a flowchart of the user client execution in an embodiment of the secure card face customization method based on homomorphic encryption and authorization factors of the present invention.

[0027] Figure 3 This is a flowchart of the card face customization platform execution in an embodiment of the secure card face customization method based on homomorphic encryption and authorization factors of the present invention.

[0028] Figure 4 yes Figure 3 The detailed flowchart of step S21.

[0029] Figure 5 This is a flowchart of the factory card manufacturing system execution in an embodiment of the secure card face customization method based on homomorphic encryption and authorization factors of the present invention.

[0030] The present invention will be further described below with reference to the accompanying drawings and embodiments. Detailed Implementation

[0031] This invention provides a secure card face customization method based on homomorphic encryption and authorization factors. By utilizing homomorphic encryption and authorization factors, the card face customization platform can complete the review process without knowing the user's image in plaintext. Furthermore, it can securely and controllably authorize the card manufacturing plant system to decrypt specified images, thus achieving privacy protection for user image data throughout the entire smart card face customization process. This invention also provides a system for implementing the aforementioned secure card face customization method based on homomorphic encryption and authorization factors.

[0032] Example of a secure card face customization system based on homomorphic encryption and authorization factors:

[0033] See Figure 1 The secure card face customization system based on homomorphic encryption and authorization factors in this embodiment includes a user client 10, a card face customization platform 20, and a factory card production system 30. The user client 10 is connected to the card face customization platform 20, and the card face customization platform 20 is connected to the factory card production system 30, enabling data transmission between the user client 10 and the card face customization platform 20, and between the card face customization platform 20 and the factory card production system 30.

[0034] User client 10 is used to obtain personalized images uploaded by users for smart card face customization. It has image encryption and homomorphic encryption capabilities. It can encrypt the personalized image using a symmetric encryption key to obtain the image ciphertext, and it can also perform homomorphic encryption on the symmetric encryption key to obtain the process key. Specifically, the user uploads the personalized image they want to use on the smart card face to user client 10. The user client generates a corresponding order and a symmetric encryption key for the order. This symmetric encryption key is used to encrypt the personalized image to obtain the encrypted image ciphertext. Then, the user client uses the homomorphic encryption public key obtained from the card face customization platform to encrypt the generated symmetric encryption key to obtain the process key. Finally, the process key, the image ciphertext, and the order information are sent to card face customization platform 20.

[0035] Order information describes the basic information of the order, which may include the order code and card type. The order code is used to uniquely identify the order. The order information, along with the corresponding encrypted image and process key, is sent to the card customization platform 20. The card customization platform 20 can then distinguish between different orders based on the order information, as well as the encrypted image and process key within each order.

[0036] User client 10 can run on a user's smartphone and use a mini-program or application running on the smartphone to obtain personalized images, encrypt personalized images with a symmetric encryption key, and encrypt the symmetric encryption key.

[0037] The card customization platform 20 is used to manage orders, review images, generate one-time authorization factors for orders, and perform homomorphic encryption operations. Specifically, the card customization platform 20 performs review operations in a trusted execution environment. These operations include: decrypting the process key using a homomorphic encryption private key to obtain a symmetric encryption key; decrypting the image ciphertext using the symmetric encryption key to obtain a personalized image; reviewing the personalized image; and returning the review result. After the personalized image passes review, a one-time authorization factor corresponding to the order information is generated. Then, utilizing the homomorphic property of homomorphic encryption, the process key is homomorphically encrypted based on the one-time authorization factor to obtain the authorization key. The image ciphertext, authorization key, one-time authorization factor, and order information are sent to the factory card production system.

[0038] The card customization platform 20 can be deployed and run on server clusters with processors that support Trusted Execution Environments (TEEs), such as Intel SGX, AMD SEV, and ARM TrustZone CPUs.

[0039] The factory card-making system 30 is used to decrypt homomorphic ciphertext, recover the symmetric encryption key, and decrypt image ciphertext. Specifically, it recovers the symmetric encryption key from the authorization key based on the one-time authorization factor and the stored homomorphic encryption private key, and then restores the personalized image based on the symmetric encryption key, thus enabling card production based on the personalized image.

[0040] The homomorphic encryption private key can be stored in the hardware encryption machine, and the factory card manufacturing system 30 calls the homomorphic encryption private key through the hardware encryption machine interface.

[0041] Example of a secure card face customization method based on homomorphic encryption and authorization factors:

[0042] This embodiment is implemented by computer program execution, as described below. Figures 2 to 5 This paper introduces the implementation process of a specific security card face customization method.

[0043] See Figure 2 The user client performs the following steps:

[0044] S11: Retrieve the uploaded personalized image and edit it according to the operation instructions.

[0045] Users upload personalized images they wish to use on their smart cards, and then edit these images on their client devices. This includes actions such as cropping, scaling, and applying AIGC style changes, all while adhering to pre-defined card printing rules, such as image size and scaling range. During editing, the user client receives the corresponding instructions that meet these rules, allowing the user to refine their personalized image accordingly.

[0046] S12: Obtain confirmation command.

[0047] Based on the confirmation command triggered by the user, it can be determined that the current personalized image will be used for the subsequent production of the smart card face.

[0048] S13: Generate the symmetric encryption key corresponding to the order information.

[0049] Each user-uploaded personalized image corresponds to a specific smart card order. The order information includes a unique order code, which uniquely identifies each smart card order. A unique symmetric encryption key needs to be generated for each smart card order. In this embodiment, the generated symmetric encryption key is denoted as K_img.

[0050] S14: Obtain the homomorphic encryption public key from the card customization platform, and use the homomorphic encryption public key to homomorphically encrypt the symmetric encryption key to obtain the process key.

[0051] In this embodiment, the homomorphic encryption public key is denoted as PK_HE. The symmetric encryption key K_img is homomorphically encrypted using the homomorphic encryption public key to obtain the process key, which is denoted as E(PK_HE, K_img).

[0052] S15: Encrypt the edited personalized image using a symmetric encryption key to obtain the image ciphertext.

[0053] The edited personalized image is encrypted using a symmetric encryption key K_img to obtain the image ciphertext, which is represented as C_img.

[0054] S16: Upload the order information, encrypted images, and process key to the card customization platform.

[0055] See Figure 3 The card customization platform implements the following steps:

[0056] S21: Review personalized images within a metric-verified TEE enclave.

[0057] The review process is conducted within a metric-verified TEE enclave to ensure that even the platform's operating system kernel cannot obtain plaintext personalized images.

[0058] S22: After the review is approved, a one-time authorization factor corresponding to the order information is generated.

[0059] One approach is to process the order code of the order information using existing algorithms to obtain a random one-time authorization factor. For example, the order code can be converted into a standard byte sequence (such as UTF-8), and then a hash algorithm (such as SHA-256 for security scenarios) can be used to generate the one-time authorization factor.

[0060] S23: Utilize the additive homomorphism of homomorphic encryption and the one-time authorization factor to perform encrypted calculations on the process key to obtain the authorization key.

[0061] In this embodiment, the additive homomorphism of homomorphic encryption is used to perform encryption calculations to obtain the authorization key. The one-time authorization factor is represented by delta, and the authorization key is represented by C_key_new, where C_key_new = E(PK_HE, K_img + delta).

[0062] Optionally, in other embodiments, the homomorphism of homomorphic encryption, such as subtraction homomorphism, multiplication homomorphism, or division homomorphism, can be used to associate a one-time authorization factor with the ciphertext of the process key.

[0063] S24: Send the one-time authorization factor corresponding to the order information to the factory card making system through the first independent security channel.

[0064] Specifically, this could involve encrypting the one-time authorization factor using the asymmetric public key provided by the factory card-making system and then sending it separately to the factory card-making system.

[0065] Optionally, the order information and one-time authorization factor can be encrypted using the asymmetric public key provided by the factory card making system and then sent separately to the factory card making system.

[0066] S25: Package the order information, encrypted images, and authorization keys into a card production data package and send it to the factory card production system through a second independent secure channel.

[0067] Specifically, this can be achieved by packaging the encrypted image and authorization key into a card-making data packet and sending it to the factory's card-making system via a dedicated line.

[0068] See Figure 4 Step S21 above specifically includes the following steps:

[0069] S211: Load the image review module and homomorphic encryption private key into the metric-verified TEE enclave.

[0070] S212: Pass the encrypted image and process key corresponding to the received order information to the TEE enclave.

[0071] When personalized image review is required, the received image ciphertext C_img and process key E(PK_HE, K_img) are passed to the TEE enclave. The operating system outside the TEE enclave cannot read the memory contents within the TEE enclave.

[0072] S213: Use the homomorphic encryption private key in the TEE enclave to decrypt the process key and obtain the symmetric encryption key.

[0073] The homomorphic encryption private key is denoted as SK_HE. In the TEE enclave, the homomorphic encryption private key is used to decrypt the process key E(PK_HE, K_img) to obtain the plaintext symmetric encryption key K_img.

[0074] S214: Use a symmetric encryption key to decrypt the image ciphertext in the TEE enclave to obtain a personalized image.

[0075] In the TEE enclave, the image ciphertext C_img is decrypted using the symmetric encryption key K_img to obtain the personalized image. At this point, the personalized image only exists within the TEE enclave.

[0076] S215: Conduct compliance analysis on personalized images within TEE enclaves.

[0077] Within the TEE enclave, an image recognition AI model (such as a CNN network) runs to perform compliance analysis on personalized images. The specific content of the compliance analysis depends on the actual situation, such as analyzing whether the content of the personalized image violates legal and regulatory requirements.

[0078] S216: After the analysis is completed, securely erase the symmetric encryption key, personalized images, and intermediate computation data in the TEE enclave, and return the audit results.

[0079] Therefore, after the review is completed, the TEE enclave does not save any data related to card customization. The review result is a simple conclusion, such as: status: "APPROVED" or status: "REJECTED", reason: "Violation". The card production platform can then determine whether the current order should proceed to the next stage based on the review result. If the review is successful, step S22 can be executed. If the review fails, a corresponding prompt message can be returned to the user's client.

[0080] See Figure 5 The factory card-making system performs the following steps:

[0081] S31: Decrypt the authorization key using the homomorphic encryption private key.

[0082] The factory card manufacturing system uses the homomorphic encryption private key SK_HE to decrypt the authorization key C_key_new, and the decrypted authorization key is represented as (K_img + delta).

[0083] S32: Subtract the one-time authorization factor from the decrypted authorization key to recover the symmetric encryption key.

[0084] The symmetric encryption key K_img can be recovered by subtracting the one-time authorization factor delta from the decrypted authorization key (K_img + delta).

[0085] S33: Decrypt the ciphertext of the image using the symmetric encryption key to obtain the personalized image.

[0086] Specifically, the symmetric encryption key K_img can be used to decrypt the image ciphertext C_img, thus obtaining the personalized image.

[0087] S34: Create cards based on personalized images.

[0088] S35: After card production is completed, clear the personalized image, one-time authorization factor, and symmetric encryption key.

[0089] Therefore, once the card is created based on the personalized image, the personalized image, one-time authorization factor, and symmetric encryption key can be securely deleted.

[0090] Those skilled in the art will understand that the steps performed independently by the user client, card customization platform, and factory card production system described above are exemplary. Without affecting the technical effect of the present invention, the execution order of each step performed independently by the user client, card customization platform, and factory card production system can be adjusted as needed, for example, the execution order of steps S24 and S25 can be swapped.

[0091] In summary, the card customization platform of this invention can never obtain the plaintext of the symmetric key used to decrypt the user's personalized image, nor does it need to store the plaintext image. This ensures that even if the platform's database is compromised, attackers can only obtain the ciphertext of the image, which cannot be decrypted, and the process key, which cannot be used directly, thus fundamentally protecting user privacy. Furthermore, this invention uniquely binds a one-time authorization factor to each order, requiring the card customization platform to generate a new one-time authorization factor for each order before the factory card production system can decrypt. After production is completed, the one-time authorization factor becomes invalid, effectively preventing the symmetric encryption key recovered by the factory card production system from being used for other purposes. This invention adheres to the principle of least privilege, meaning that the factory can only recover the symmetric encryption key for decryption when it receives a clear authorization instruction from the platform (i.e., the one-time authorization factor), achieving precise authorization in the production process and enhancing the security and controllability of the entire system.

[0092] Finally, it should be emphasized that the above description is only a preferred embodiment of the present invention and is not intended to limit the present invention. For those skilled in the art, the present invention can have various changes and modifications. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of the present invention should be included within the protection scope of the present invention.

Claims

1. A secure card face customization method based on homomorphic encryption and authorization factors, used in a card face customization platform, characterized in that, Includes the following steps: The system obtains order information uploaded by the user, as well as the corresponding image ciphertext and process key; wherein, the process key is obtained by homomorphically encrypting the symmetric encryption key corresponding to the order information using a homomorphic encryption public key; the image ciphertext is obtained by encrypting a personalized image using the symmetric encryption key. The audit operation is performed in a trusted execution environment. The audit operation includes: decrypting the process key using a homomorphic encryption private key to obtain the symmetric encryption key, decrypting the image ciphertext using the symmetric encryption key to obtain the personalized image, auditing the personalized image, and returning the audit result; after returning the audit result, removing the symmetric encryption key and the personalized image from the trusted execution environment. After the personalized image passes the review, a one-time authorization factor corresponding to the order information is generated; the order information is uniquely associated with both the symmetric encryption key and the one-time authorization factor; the order information includes an order code, which is used to uniquely identify the order. By utilizing the homomorphic property of homomorphic encryption, the process key is homomorphically encrypted based on the one-time authorization factor to obtain the authorization key; The encrypted image, the authorization key, the one-time authorization factor, and the order information are sent to the factory card-making system. The factory card-making system can decrypt the authorization key using the stored homomorphic encryption private key to obtain the decrypted authorization key, recover the symmetric encryption key from the decrypted authorization key using the one-time authorization factor, and restore the personalized image using the symmetric encryption key. The one-time authorization factor corresponding to the order information is sent to the factory card-making system through a first independent secure channel; the encrypted image and the authorization key corresponding to the order information are sent to the factory card-making system through a second independent secure channel.

2. The secure card face customization method based on homomorphic encryption and authorization factors as described in claim 1, characterized in that: When reviewing the personalized images, a pre-set image recognition artificial intelligence model is used to review them.

3. The secure card face customization method based on homomorphic encryption and authorization factors as described in claim 1, characterized in that: By utilizing the homomorphism of homomorphic encryption, the process key is homomorphically encrypted based on the one-time authorization factor to obtain the authorization key. In this process, the homomorphism of the homomorphic encryption is additive homomorphism, subtractive homomorphism, multiplicative homomorphism, or division homomorphism.

4. A secure card face customization system based on homomorphic encryption and authorization factors, characterized in that, include: The system comprises a user client, a card face customization platform, and a factory card production system, wherein the user client is connected to the card face customization platform, and the card face customization platform is connected to the factory card production system. The user client is used for: Retrieve uploaded personalized images; Generate the symmetric encryption key corresponding to the order information; The order information corresponds to the personalized image; Obtain the homomorphic encryption public key from the card customization platform, and homomorphically encrypt the symmetric encryption key using the homomorphic encryption public key to obtain the process key; The personalized image is encrypted using the symmetric encryption key to obtain the image ciphertext; Upload the order information, the encrypted image, and the process key to the card customization platform; The card customization platform is used for: The audit operation is performed in a trusted execution environment. The audit operation includes: decrypting the process key using a homomorphic encryption private key to obtain the symmetric encryption key, decrypting the image ciphertext using the symmetric encryption key to obtain the personalized image, auditing the personalized image, and returning the audit result; after returning the audit result, removing the symmetric encryption key and the personalized image from the trusted execution environment; after the personalized image passes the audit, generating a one-time authorization factor corresponding to the order information; the order information uniquely corresponds to both the symmetric encryption key and the one-time authorization factor; the order information includes an order code, which is used to uniquely identify the order; By utilizing the homomorphic property of homomorphic encryption, the process key is homomorphically encrypted based on the one-time authorization factor to obtain the authorization key; The encrypted image, the authorization key, the one-time authorization factor, and the order information are sent to the factory card-making system; wherein, the one-time authorization factor corresponding to the order information is sent to the factory card-making system through a first independent secure channel; the encrypted image and the authorization key corresponding to the order information are sent to the factory card-making system through a second independent secure channel. The factory card-making system is used for: The authorization key is decrypted using the stored homomorphic encryption private key to obtain the decrypted authorization key. The symmetric encryption key is then recovered from the decrypted authorization key using the one-time authorization factor, and the personalized image is restored using the symmetric encryption key.

5. The secure card face customization system based on homomorphic encryption and authorization factors as described in claim 4, characterized in that: The factory card-making system calls the homomorphic encryption private key through the hardware encryption machine interface.

6. The secure card face customization system based on homomorphic encryption and authorization factors as described in claim 4, characterized in that: The factory card-making system is used for: The authorization key is decrypted using the homomorphic encryption private key, and then the one-time authorization factor is subtracted to recover the symmetric encryption key.

7. The secure card face customization system based on homomorphic encryption and authorization factors as described in claim 4, characterized in that: The user client is used for: After obtaining the uploaded personalized image; Obtain operation instructions that meet the set card printing rules, and edit the personalized image according to the operation instructions.