File sharing method and electronic device

By separating the transmission of file keys and data, and using encryption and access control policies, the problem of the sender losing control during file sharing is solved, thus achieving secure and efficient file sharing.

CN120825702BActive Publication Date: 2026-06-19HONOR DEVICE CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
HONOR DEVICE CO LTD
Filing Date
2024-04-03
Publication Date
2026-06-19

AI Technical Summary

Technical Problem

During file sharing, the sender loses control of the file, which affects the security and controllability of the file sharing process.

Method used

The file to be shared is encrypted by randomly generating a file key, generating ciphertext of the shared file, and then the file key is encrypted using an encryption public key to generate a file key envelope. At the same time, access policy parameters are generated, and the shared file header and access policy data are constructed. The data is then transmitted and controlled through a key management platform.

Benefits of technology

It enables fine-grained access control over the file sharing process, improving the privacy and security of file sharing and ensuring that only the designated recipient can decrypt the file.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN120825702B_ABST
    Figure CN120825702B_ABST
Patent Text Reader

Abstract

This application provides a file sharing method and electronic device. In this method, a first terminal encrypts the file to be shared using a randomly generated file key to obtain ciphertext of the shared file; it then encrypts the file key using a public key to obtain a file key envelope. In response to access policy parameters generated for the file to be shared, the first terminal generates a share file header and access policy data corresponding to the access policy parameters. The first terminal sends the file key envelope and access policy data to a key management platform, and also sends the share file header and ciphertext of the shared file to a second terminal corresponding to the recipient via a third-party application. By generating a share file header and access policy data, more granular access control is achieved over the ciphertext of the shared file, effectively protecting the privacy and security of the file sharing process.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of terminal technology, and in particular to a file sharing method and an electronic device. Background Technology

[0002] With the advent of the digital age, file sharing has become a common communication activity among people. For example, in daily life and office settings, people may frequently use social media to share files.

[0003] Then, after sending the file, the sender often loses control of the file, and the security and controllability of file sharing are affected. Summary of the Invention

[0004] To address the aforementioned technical problems, this application provides a file sharing method and an electronic device. In this method, a first terminal encrypts the file to be shared using a randomly generated file key to obtain ciphertext of the shared file; it then encrypts the file key using an encryption public key to obtain a file key envelope. In response to access policy parameters generated for the file to be shared, the first terminal generates a share file header and access policy data corresponding to the access policy parameters. The first terminal sends the file key envelope and access policy data to a key management platform, and also sends the share file header and ciphertext of the shared file to a second terminal corresponding to the recipient via a third-party application. By generating a share file header and access policy data, more granular access control is achieved over the ciphertext of the shared file, effectively protecting the privacy and security of the file sharing process.

[0005] In a first aspect, embodiments of this application provide a file sharing method applied to a first terminal. The method includes: in response to the identification information of a user-selected recipient, sending the identification information to a key management platform; receiving an encryption public key returned by the key management platform that matches the identification information; encrypting a file to be shared using a randomly generated file key to obtain ciphertext of the shared file; encrypting the file key using the encryption public key to obtain a file key envelope; in response to access policy parameters generated for the file to be shared, generating a shared file header and access policy data corresponding to the access policy parameters; sending the file key envelope and the access policy data to the key management platform; and sending the shared file header and the ciphertext of the shared file to a second terminal corresponding to the recipient through a third-party application.

[0006] By adopting a scheme that separates keys and data, and transmitting key streams and data streams through different paths, it is beneficial to achieve a secure and efficient file sharing method.

[0007] According to the first aspect, the first terminal includes a file sharing application, which provides key management and encryption / decryption functions, and the file sharing application and the key management platform implement the file sharing method through data interaction.

[0008] According to the first aspect, or any implementation of the first aspect above, the method further includes: during the file sharing process, the file sharing application displays an authorization policy parameter matching the file to be shared; and in response to a parameter giving operation for the authorization policy parameter, the file sharing application uses the given parameter as the access policy parameter generated for the file to be shared.

[0009] According to the first aspect, or any implementation of the first aspect above, generating a shared file header corresponding to the access policy parameters generated for the file to be shared includes: based on the access policy parameters, the file sharing application determines an access control identifier matching the file to be shared; and the file sharing application constructs the shared file header containing the access control identifier, wherein the access control identifier is used to indicate the file access parameters that the second terminal needs to report when viewing the encrypted shared file.

[0010] According to the first aspect, or any implementation of the first aspect above, the file access parameters include at least one of the following parameters: timestamp parameter, location identification parameter, and terminal identification parameter.

[0011] According to the first aspect, or any implementation of the first aspect above, the access policy parameters include at least one of the following parameters: file validity period, trusted access address, trusted access time, terminal restriction parameters, and access restriction number of times.

[0012] According to the first aspect, or any implementation of the first aspect above, sending the file key envelope and the access policy data to the key management platform includes: the file sharing application packaging the file key envelope and the access policy data to obtain the access control data of the file to be shared; the file sharing application signing the access control data using a signing private key, and sending the signed access control data to the key management platform.

[0013] According to the first aspect, or any implementation of the first aspect above, sending the shared file header and the shared file ciphertext to the second terminal corresponding to the recipient via a third-party application includes: the file-sharing application merging the shared file header and the shared file ciphertext to obtain a shared file package; and the file-sharing application sending the shared file package to the second terminal via a social platform or instant messaging software in the first terminal.

[0014] According to the first aspect, or any implementation of the first aspect above, when a user uses the file sharing application for the first time, the file sharing application automatically generates an encryption key pair and a signing key pair, and uploads the encryption public key and the signing public key to the key management platform.

[0015] According to the first aspect, or any implementation of the first aspect above, the key management platform is a cloud service platform composed of a computer cluster.

[0016] According to the first aspect, or any implementation of the first aspect above, the identification information includes an email address or a mobile phone number.

[0017] Secondly, embodiments of this application provide a file sharing method applied to a second terminal, the second terminal including a file sharing application. The method includes: in response to viewing a shared file packet sent by a first terminal through the file sharing application, the file sharing application parses the shared file header to obtain an access control identifier matching the encrypted shared file, wherein the shared file header and the encrypted shared file constitute the shared file packet; when the access control identifier indicates that file access parameters need to be reported, the file sharing application obtains the file access parameters from the trusted execution environment of the second terminal; the file sharing application sends a key acquisition request to a key management platform, the key acquisition request carrying the file access parameters and the identifier information of the recipient; the file sharing application receives a file key envelope returned by the key management platform based on the file access parameters and the identifier information; the file sharing application decrypts the file key envelope using a decryption private key to obtain a file key; and the file sharing application decrypts the encrypted shared file using the file key to obtain and display the shared file content.

[0018] According to the second aspect, in response to viewing a shared file package sent by the first terminal through the file sharing application, the file sharing application parsing the shared file header includes: in response to a third-party application receiving the shared file package sent by the first terminal, displaying an option to view the shared file package through the file sharing application; and in response to a triggering operation for the option, the file sharing application parsing the shared file header in the shared file package.

[0019] According to the second aspect, or any implementation of the second aspect above, when the access control identifier indicates that file access parameters need to be reported, the file sharing application obtains the file access parameters from the trusted execution environment of the second terminal, including: when the access control identifier indicates that the file access parameters need to be reported, the file sharing application obtains the file access parameters signed by the trusted execution environment from the second terminal, wherein the file access parameters include at least one of the following parameters: timestamp parameter, location identification parameter, and terminal identification parameter.

[0020] According to the second aspect, or any implementation of the second aspect above, the method further includes: in response to completing the decryption operation on the encrypted shared file, the file sharing application clears the file key and the file key envelope.

[0021] According to the second aspect, or any implementation of the second aspect above, the method further includes: in response to detecting an operation of exiting the file sharing application, the file sharing application clears the shared file content stored in memory.

[0022] According to the second aspect, and any implementation thereof, there are corresponding aspects to the first aspect and any implementation thereof. The technical effects corresponding to the second aspect and any implementation thereof can be found in the technical effects corresponding to the first aspect and any implementation thereof, as described above, and will not be repeated here.

[0023] Thirdly, embodiments of this application provide a file sharing method applied to an end-to-end encryption system. The system includes a first terminal, a second terminal, and a key management platform. The method includes: the first terminal sending identification information of a user-selected recipient to the key management platform; the key management platform returning an encryption public key matching the identification information to the first terminal; the first terminal encrypting the file to be shared using a randomly generated file key to obtain ciphertext of the shared file, and encrypting the file key using the encryption public key to obtain a file key envelope; the first terminal generating a shared file header and access policy data corresponding to the access policy parameters generated for the file to be shared; the first terminal sending the file key envelope and the access policy data to the key management platform, and sending a shared file package to the second terminal through a third-party application, the shared file package including the shared file header and the ciphertext of the shared file; In response to the received shared file packet, the second terminal parses the shared file header to obtain an access control identifier matching the encrypted shared file. If the access control identifier indicates that file access parameters need to be reported, the second terminal obtains the file access parameters from the trusted execution environment. The second terminal sends a key acquisition request to the key management platform, the key acquisition request carrying the file access parameters and the identifier information of the recipient. Based on the received file access parameters and the identifier information, the key management platform determines whether all access policy parameters for the encrypted shared file are satisfied. In response that all access policy parameters for the encrypted shared file are satisfied, the key management platform returns the file key envelope to the second terminal. The second terminal decrypts the file key envelope using a decryption private key to obtain the file key. The second terminal then uses the file key to decrypt the encrypted shared file to obtain and display the shared file content.

[0024] According to the third aspect, the first terminal sends the file key envelope and the access policy data to the key management platform, including: the first terminal packages the file key envelope and the access policy data to obtain the access control data of the file to be shared; and the first terminal signs the access control data using a signing private key and sends the signed access control data to the key management platform.

[0025] According to the third aspect, and any implementation thereof, the method further includes: the key management platform, in response to the received key acquisition request, performing signature verification on the access control data using a signature public key matched with the sharer; and if the signature verification is successful, the key management platform parses the access control data to obtain the file key envelope and the access policy data.

[0026] According to the third aspect and any implementation thereof, the key management platform determines whether all access policy parameters for the shared encrypted file are satisfied based on the received file access parameters and the identification information, including: the key management platform determines whether the user of the second terminal is the target user for sharing the shared encrypted file based on the received identification information; if the user of the second terminal is the target user, the key management platform determines whether the file access parameters satisfy the corresponding access policy parameters; and if the file access parameters satisfy the corresponding access policy parameters, the key management platform determines whether all other access policy parameters besides the corresponding access policy parameters are satisfied based on the received log data matching the identification information.

[0027] According to the third aspect and any implementation thereof, the file access parameters include at least one of the following parameters: timestamp parameter, location identification parameter, and terminal identification parameter; and the access policy parameters include at least one of the following parameters: file validity period, trusted access address, trusted access time, terminal restriction parameter, and access restriction number of times.

[0028] According to the third aspect and any implementation thereof, the key management platform determines whether the file access parameters satisfy the corresponding access policy parameters, including at least one of the following: determining whether the time when the second terminal requests to view the encrypted shared file satisfies the file validity period and / or the trusted access time based on the timestamp parameter; determining whether the address at which the second terminal requests to view the encrypted shared file is the trusted access address based on the location identification parameter; and determining whether the second terminal meets the terminal restriction parameters based on the terminal identification parameter.

[0029] Fourthly, embodiments of this application provide an electronic device, including: one or more processors, a memory, and one or more computer programs, wherein the one or more computer programs are stored in the memory, and when the computer programs are executed by the one or more processors, the electronic device performs the following steps: in response to the identification information of a user-selected sharer, sending the identification information to a key management platform; receiving an encryption public key returned by the key management platform that matches the identification information; encrypting a file to be shared using a randomly generated file key to obtain ciphertext of the sharer file; encrypting the file key using the encryption public key to obtain a file key envelope; in response to access policy parameters generated for the file to be shared, generating a sharer file header and access policy data corresponding to the access policy parameters; sending the file key envelope and the access policy data to the key management platform; and sending the sharer file header and the ciphertext of the sharer file to a second terminal corresponding to the sharer file via a third-party application.

[0030] Fifthly, embodiments of this application provide an electronic device, including: one or more processors, a memory, a file-sharing application, and one or more computer programs, wherein the one or more computer programs are stored on the memory, and when the computer programs are executed by the one or more processors, the electronic device performs the following steps: in response to viewing a shared file packet sent by a first terminal through the file-sharing application, the file-sharing application parses the shared file header to obtain an access control identifier matching the encrypted shared file, wherein the shared file header and the encrypted shared file constitute the shared file packet; if the access control identifier indicates that file access parameters need to be reported, the file-sharing application obtains the file access parameters from the trusted execution environment of a second terminal; the file-sharing application sends a key acquisition request to a key management platform, the key acquisition request carrying the file access parameters and the identifier information of the recipient; the file-sharing application receives a file key envelope returned by the key management platform based on the file access parameters and the identifier information; the file-sharing application decrypts the file key envelope using a decryption private key to obtain a file key; and the file-sharing application decrypts the encrypted shared file using the file key to obtain and display the shared file content.

[0031] In a sixth aspect, embodiments of this application provide a computer-readable medium for storing a computer program, the computer program including instructions for performing the methods of the first, second, and third aspects or any possible implementations of the first, second, and third aspects.

[0032] In a seventh aspect, embodiments of this application provide a computer program including instructions for performing the methods of the first, second, and third aspects or any possible implementations of the first, second, and third aspects.

[0033] Eighthly, embodiments of this application provide a chip including a processing circuit and transceiver pins. The transceiver pins and the processing circuit communicate with each other via an internal connection path. The processing circuit executes the method in the first aspect or any possible implementation of the first aspect to control the receiving pin to receive signals and to control the transmitting pin to transmit signals. Attached Figure Description

[0034] Figure 1 This is a schematic diagram illustrating an existing file sharing process;

[0035] Figure 2 This is a schematic diagram of the structure of an electronic device as an example.

[0036] Figure 3 A software architecture block diagram of an electronic device as an example;

[0037] Figure 4 A schematic diagram illustrating a file sharing process provided in an embodiment of this application;

[0038] Figure 5 A flowchart illustrating a file sharing method provided in an embodiment of this application;

[0039] Figure 6 A schematic diagram illustrating another file-sharing process provided for an embodiment of this application;

[0040] Figure 7 A schematic diagram illustrating another file sharing process provided for an embodiment of this application;

[0041] Figure 8 A schematic diagram illustrating yet another file-sharing process provided in an embodiment of this application;

[0042] Figure 9 A schematic diagram illustrating the access policy parameters provided in an embodiment of this application;

[0043] Figure 10 A schematic diagram illustrating the verification process of file access parameters provided in this application embodiment;

[0044] Figure 11 A flowchart illustrating a key management method provided in an embodiment of this application;

[0045] Figure 12 A schematic diagram illustrating a key management process provided in an embodiment of this application;

[0046] Figure 13A schematic diagram illustrating yet another key management process provided in an embodiment of this application;

[0047] Figure 14 This is a schematic diagram illustrating yet another file sharing process provided in an embodiment of this application. Detailed Implementation

[0048] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.

[0049] In this article, the term "and / or" is merely a description of the relationship between related objects, indicating that there can be three relationships. For example, A and / or B can represent three situations: A exists alone, A and B exist simultaneously, and B exists alone.

[0050] The terms "first" and "second," etc., used in the specification and claims of this application are used to distinguish different objects, not to describe a specific order of objects. For example, "first target object" and "second target object," etc., are used to distinguish different target objects, not to describe a specific order of target objects.

[0051] In the embodiments of this application, the words "exemplarily" or "for example" are used to indicate examples, illustrations, or explanations. Any embodiment or design described as "exemplarily" or "for example" in the embodiments of this application should not be construed as being more preferred or advantageous than other embodiments or design solutions. Specifically, the use of the words "exemplarily" or "for example" is intended to present the relevant concepts in a specific manner.

[0052] In the description of the embodiments in this application, unless otherwise stated, "multiple" means two or more. For example, multiple processing units means two or more processing units; multiple systems means two or more systems.

[0053] Before describing the technical solutions of the embodiments of this application, the application scenarios of the embodiments of this application will first be described with reference to the accompanying drawings. In daily life and work, it is often necessary to share files through chat software such as WeChat and QQ. Figure 1 An exemplary diagram illustrates an existing file-sharing process. Figure 1As shown, the sender selects a file to be shared, such as a document, image, or video, based on the first terminal 101. The sender uses an encryption tool or plugin to encrypt the selected file, obtaining the ciphertext for sharing. During the encryption process, a file key is generated, used to decrypt the ciphertext; only the sender and the designated recipient can access the file key. The sender sends the data 102 to be shared, including the ciphertext and the file key, to the second terminal 104 corresponding to the recipient via instant messaging software 103 (such as WeChat). After receiving the ciphertext, the recipient uses the key to decrypt it, obtaining the file content.

[0054] In existing file-sharing processes, once a file is sent, the sender usually loses control of it, and the recipient can forward it again without the sender's knowledge. For sensitive and important files, such as design drafts and financial documents, unauthorized forwarding could harm the sender's interests.

[0055] This application proposes an end-to-end encryption scheme for electronic devices. By employing a data and key separation scheme, only a designated recipient can decrypt the file, and the file cannot be opened even if it is forwarded again. Simultaneously, users can send files using familiar methods such as WeChat and QQ, but the key is transmitted through a separate cloud service, improving data security.

[0056] Electronic devices may include mobile phones, tablets, smartwatches, laptops, smart home devices, in-vehicle devices, and virtual-physical fusion devices. The embodiments of this application can be applied to various scenarios requiring file sharing.

[0057] like Figure 2 The diagram shows the structure of electronic device 100. Optionally, electronic device 100 can be referred to as a terminal or a terminal device. The specific product form of electronic device 100 can be a smart terminal, such as a mobile phone, tablet computer, wearable device, augmented reality / virtual reality device, laptop computer, in-vehicle device, personal digital assistant (PDA), or other electronic devices with file-sharing functions. Specifically, the functional modules involved in this application can be deployed on the DSP chip of the relevant device, specifically as applications or software. A file-sharing function can be implemented through software installation or upgrades, and through hardware calls and coordination.

[0058] It should be understood that, Figure 2 The electronic device 100 shown is only one example of an electronic device, and the electronic device 100 may have more or fewer components than shown in the figure, may combine two or more components, or may have different component configurations. Figure 2 The various components shown can be implemented in hardware, software, or a combination of hardware and software, including one or more signal processing and / or application-specific integrated circuits.

[0059] Electronic device 100 may include: processor 110, memory 200, mobile communication module 130, wireless communication module 140, sensor module 150, button 160, motor 161, indicator 162, camera 163, and display screen 164. Sensor module 150 may include pressure sensor, gyroscope sensor, accelerometer, temperature sensor, motion sensor, barometric pressure sensor, magnetic sensor, distance sensor, proximity sensor, fingerprint sensor, touch sensor, ambient light sensor, bone conduction sensor, etc.

[0060] Processor 110 may include one or more processing units, such as application processors (APs), modem processors, graphics processing units (GPUs), image signal processors (ISPs), controllers, memory, video codecs, digital signal processors (DSPs), baseband processors, and / or neural network processing units (NPUs). These different processing units may be independent devices or integrated into one or more processors.

[0061] The processor 110 may also include a memory for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory.

[0062] The wireless communication function of electronic device 100 can be implemented through antenna 1, antenna 2, mobile communication module 130, wireless communication module 140, modem processor, and baseband processor.

[0063] Antenna 1 and antenna 2 are used to transmit and receive electromagnetic wave signals. Each antenna in electronic device 100 can be used to cover one or more communication frequency bands. Different antennas can also be reused to improve antenna utilization.

[0064] The mobile communication module 130 can provide solutions for wireless communication, including 2G / 3G / 4G / 5G, applied to the electronic device 100. The mobile communication module 130 may include at least one filter, switch, power amplifier, low noise amplifier (LNA), etc.

[0065] The wireless communication module 140 can provide solutions for wireless communication applications on the electronic device 100, including wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) networks), Bluetooth (BT), global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), and infrared (IR) technologies.

[0066] In some embodiments, antenna 1 of electronic device 100 is coupled to mobile communication module 130, and antenna 2 is coupled to wireless communication module 140, so that electronic device 100 can communicate with networks and other devices through wireless communication technology.

[0067] Electronic device 100 implements display functions through a GPU, display screen 164, and application processor. Processor 110 may include one or more GPUs, which execute program instructions to generate or modify display information.

[0068] The display screen 164 is used to display images, videos, etc., and the display screen 164 includes a display panel. In some embodiments, the electronic device 100 may include one or N display screens 164, where N is a positive integer greater than 1.

[0069] Electronic device 100 can perform shooting functions through ISP, camera 163, video codec, GPU, display screen 164 and application processor.

[0070] The ISP (Image Signal Processor) is used to process data fed back from the camera 163. For example, when taking a picture, the shutter is opened, and light is transmitted through the lens to the camera's photosensitive element. The light signal is converted into an electrical signal, and the camera's photosensitive element transmits the electrical signal to the ISP for processing, transforming it into an image visible to the naked eye. The ISP can also perform algorithmic optimization of image noise, brightness, and skin tone. The ISP can also optimize parameters such as exposure and color temperature of the shooting scene. In some embodiments, the ISP can be set in the camera 163.

[0071] Camera 163 is used to capture still images or videos. An object is projected onto a photosensitive element by generating an optical image through the lens. The photosensitive element can be a charge-coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The photosensitive element converts the light signal into an electrical signal, which is then passed to an ISP for conversion into a digital image signal. The ISP outputs the digital image signal to a DSP for processing. The DSP converts the digital image signal into image signals in standard formats such as RGB and YUV. In some embodiments, the electronic device 100 may include one or N cameras 163, where N is a positive integer greater than 1.

[0072] The camera 163 can be located at the edge of the electronic device, and can be an under-display camera or a pop-up camera. The camera 163 can include a front-facing camera or a rear-facing camera. This application embodiment does not limit the specific location and shape of the camera 163. The electronic device 100 can include one or more cameras with different focal lengths, such as telephoto cameras, wide-angle cameras, ultra-wide-angle cameras, or panoramic cameras.

[0073] The memory 120 can be used to store computer executable program code, which includes instructions. The processor 110 executes various functional applications and data processing of the electronic device 100 by running the instructions stored in the memory 120, such as enabling the electronic device 100 to implement the file sharing method in the embodiments of this application. The memory 120 may include a program storage area and a data storage area. The program storage area may store the operating system, at least one application program required for a function (such as sound playback function, image playback function, etc.), etc. The data storage area may store data created during the use of the electronic device 100, etc. Furthermore, the memory 120 may include high-speed random access memory, and may also include non-volatile memory, such as at least one disk storage device, flash memory device, universal flash storage (UFS), etc.

[0074] A touch sensor, also known as a "touch panel," can be located on the display screen 164. The touch sensor and display screen 164 together form a touchscreen, also called a "touch screen." The touch sensor detects touch operations applied to or near it. The touch sensor can then transmit the detected touch operation to the application processor to determine the type of touch event. Visual output related to the touch operation can be provided through the display screen 164.

[0075] A pressure sensor is used to sense pressure signals and can convert these signals into electrical signals. In some embodiments, the pressure sensor may be located on the display screen 164. The electronic device 100 may also calculate the position of a touch based on the detection signal from the pressure sensor.

[0076] A gyroscope sensor can be used to determine the motion attitude of an electronic device 100. In some embodiments, the angular velocity of the electronic device 100 about three axes (i.e., the x, y, and z axes) can be determined by the gyroscope sensor.

[0077] An accelerometer can detect the magnitude of acceleration of an electronic device 100 in various directions (typically three axes). When the electronic device 100 is stationary, the accelerometer can detect the magnitude and direction of gravity. Accelerometers can also be used to identify the posture of electronic devices, and are applied in applications such as screen orientation switching and pedometers.

[0078] Buttons 160 include a power button, volume buttons, etc. Buttons 160 can be mechanical buttons or touch buttons. Electronic device 100 can receive button input and generate key signal inputs related to user settings and function control of electronic device 100.

[0079] The software system of electronic device 100 can adopt a layered architecture, event-driven architecture, microkernel architecture, microservice architecture, or cloud architecture. This embodiment of the invention uses the layered architecture Android system as an example to illustrate the software structure of electronic device 100.

[0080] like Figure 3 The software architecture diagram of the illustrative electronic device 100 illustrates a layered architecture that divides the software into several layers, each with a clear role and function. Layers communicate with each other through software interfaces. In some embodiments, the Android system is divided into five layers, from top to bottom: the application layer, the application framework layer, the Android runtime, the system layer, and the kernel layer.

[0081] The application layer can include a series of application packages, such as Figure 3 As shown, the application package may include applications such as a camera, gallery, instant messaging application, and quantum-safe envelope. Instant messaging applications are applications that enable real-time communication via the internet, allowing users to communicate in real time through text messages, voice calls, video calls, etc. Common instant messaging applications include WeChat, QQ, and WhatsApp. Quantum-safe envelopes can protect the privacy and security of communication content through quantum encryption technology, and can securely generate and distribute encryption keys through quantum key distribution protocols, providing a secure and reliable end-to-end encryption function.

[0082] The application framework layer provides application programming interfaces (APIs) and a programming framework for applications in the application layer, including various components and services to support Android development. The application framework layer includes some predefined functions. For example... Figure 3 As shown, the application framework layer can include a window manager, content provider, notification manager, resource manager, and file sharing application, etc.

[0083] The window manager is used to manage windowed applications. It can retrieve screen size, determine if a status bar is present, lock the screen, and capture screenshots, among other things.

[0084] Content providers store and retrieve data, making that data accessible to applications. This data can include videos, images, audio, phone calls made and received, browsing history and bookmarks, phone books, and more.

[0085] File Explorer can provide applications with various resources, such as localized strings, icons, images, layout files, video files, and so on.

[0086] The notification manager allows applications to display notifications in the status bar. These notifications can be used to convey informational messages and can disappear automatically after a short pause, requiring no user interaction. Examples include notifications of download completion and message alerts. Notifications can also appear as icons or scrolling text in the top status bar, such as notifications from background applications, or as dialog boxes on the screen. Examples include text messages in the status bar, sound alerts, vibrations, and flashing indicator lights.

[0087] File-sharing applications can provide key management and encryption / decryption functions, such as key generation and distribution, encrypted file transfer, encrypted message transmission, multi-factor authentication, and customized access control. When a user uses a file-sharing application for the first time, the application automatically generates an encryption key pair and a signing key pair that match the user's identification information, and uploads the encryption public key and signing public key to the key management platform.

[0088] The system layer includes system libraries and the Android Runtime. System libraries can include multiple functional modules, such as image rendering libraries, image compositing libraries, function libraries, media libraries, and key management modules. The key management module provides applications with necessary key management and encryption / decryption functions, such as generating, storing, and managing encryption keys to protect the security of application and user data.

[0089] The Android runtime consists of the core libraries and the virtual machine. The Android runtime is responsible for scheduling and managing the Android system. The core libraries comprise two parts: one part contains the functionalities that Java calls, and the other part consists of the Android core libraries. The application layer and application framework layer run in the virtual machine, which executes the Java files of the application layer and application framework layer into binary files. The virtual machine is used to perform functions such as object lifecycle management, stack management, thread management, security and exception management, and garbage collection.

[0090] Understandable, Figure 3 The components included in the system framework layer, system library, and runtime layer shown do not constitute a specific limitation on the electronic device 100. In other embodiments of this application, the electronic device 100 may include more or fewer components than shown, or combine some components, or split some components, or have different component arrangements.

[0091] The kernel layer is the layer between the hardware and the aforementioned software layers. The kernel layer contains at least display drivers, camera drivers, and sensor drivers. Hardware may include devices such as cameras, displays, microphones, processors, and memory.

[0092] The following is combined with Figure 4 The file sharing process in this application embodiment is illustrated below. Figure 4 This diagram illustrates a file-sharing process. (For example...) Figure 4 As shown, the sender selects a file to be shared, such as a document, image, or video, based on the first terminal 201. During the file sharing process, the first terminal 201 randomly generates a file key and uses this key to encrypt the file to be shared, obtaining the encrypted file 202. The encrypted file 202 is then sent to the second terminal 204 corresponding to the recipient via a third-party application (such as WeChat) on the first terminal 201. The first terminal 201 uses the public key obtained from the cloud service platform to encrypt the file key, obtaining a file key envelope 205. The first terminal 201 sends the file key envelope 205 to the cloud service platform 206, thereby achieving the transmission of data streams and key streams based on different paths.

[0093] After receiving the encrypted shared file 202, the second terminal 204 corresponding to the recipient can obtain the file key envelope 205 from the cloud service platform 206. The second terminal 204 uses the locally stored decryption private key to decrypt the file key envelope 205 to obtain the file key. The second terminal 204 then uses the file key to decrypt the encrypted shared file 202 to obtain the content of the shared file.

[0094] The first terminal 201 also sends the encrypted file 202 to other terminals 207 through a third-party application 203. Other terminals 207 cannot obtain the file key envelope 205 from the cloud service platform 206, therefore, other terminals 207 cannot decrypt the encrypted file 202.

[0095] Figure 5 The flowchart illustrating a file-sharing method is shown below. Taking the execution entity as the first terminal as an example, the terminal corresponding to the file sharer (i.e., the sender) constitutes the first terminal. For example... Figure 5 As shown, the file sharing method includes operations S110~S160, for example.

[0096] In operation S110, the first terminal responds to the identification information of the user-selected sharer by sending the identification information to the key management platform.

[0097] In operation S120, the first terminal receives the encrypted public key returned by the key management platform that matches the identification information.

[0098] In operation S130, the first terminal uses a randomly generated file key to encrypt the file to be shared, thus obtaining the ciphertext of the shared file.

[0099] In operation S140, the first terminal uses the encryption public key to encrypt the file key, thus obtaining the file key envelope.

[0100] In operation S150, the first terminal responds to the access policy parameters generated for the file to be shared and generates access policy data corresponding to the access policy parameters.

[0101] In operation S160, the first terminal sends the file key envelope and access policy data to the key management platform, and sends the encrypted shared file to the second terminal corresponding to the recipient through a third-party application.

[0102] The following are exemplary operation examples of the file sharing method of this embodiment.

[0103] In operation S110, the first terminal responds to the identification information of the user-selected sharer by sending the identification information to the key management platform.

[0104] For example, the first terminal includes a file-sharing application that can provide key management and encryption / decryption functions. The file-sharing application and the key management platform can interact via data to implement the file-sharing method of this embodiment. The key management platform can be a cloud service platform composed of computer clusters, which plays a crucial role in encrypted communication and can be used to store, manage, and distribute encryption keys to ensure the security of encrypted communication and protect the confidentiality of user data.

[0105] Users can select files to share on a primary device. In response to the user's action regarding the file sharing option, the primary device displays options to share via a file sharing application. In response to the user's action regarding the sharing option, the file sharing application displays identification information for candidate contacts. Furthermore, in response to the user's selection of the target contact's identification information, the file sharing application designates the target contact as the recipient.

[0106] The target contact includes any contact from the candidate contacts. Candidate contacts can be users who have registered and enabled file sharing services in the file sharing application. The identification information of the candidate contact can include mobile phone number, email address, or other information with unique identification functions, such as ID card number.

[0107] In response to the identifier information of the user-selected recipient, the file-sharing application sends a key retrieval request to the key management platform, carrying the recipient's identifier information. Based on the received key retrieval request, the key management platform returns an encrypted public key that matches the identifier information to the file-sharing application.

[0108] As an optional embodiment, in response to a user's triggering action on the sharing option, the file-sharing application may also display pending authorization policy parameters matching the file to be shared. In response to the user's parameter input for the pending authorization policy parameters, the file-sharing application uses the input parameters as access policy parameters generated for the file to be shared. Access policy parameters may include at least one of the following: file validity period, trusted access address, trusted access time, and access limit number of times.

[0109] For example, after a user chooses to share a file using a file-sharing app, the app displays an access time parameter that matches the file to be shared. In response to the user's input of the access time parameter, the file-sharing app determines the trusted access time of the file to be shared based on the user's given time parameter and generates access policy data that includes the trusted access time.

[0110] Figure 6 This schematically illustrates another file-sharing process. Figure 6 As shown in interface 301, the user selects the file to be shared based on the first terminal. In response to the user's trigger operation on the file sharing option 3011, as shown in interface 302, the first terminal displays the option to share via file sharing application 3021, which could be, for example, a quantum-secure envelope.

[0111] In response to a user's trigger action on the "file sharing application 3021", as shown in interface 303, the file sharing application displays the identification information 3031 of the candidate contacts. As shown in interface 304, in response to a user's selection action on the identification information 3041 of the target contact, the file sharing application selects the target contact as the recipient, and the target contact includes any contact from the candidate contacts.

[0112] In addition, the file-sharing application can also display a pending authorization policy parameter 3042 that matches the file to be shared. The pending authorization policy parameter 3042 could be, for example, a pending authorization validity period parameter. As shown in interface 305, in response to the user's parameter input for the pending authorization policy parameter 3042, the file-sharing application uses the input parameter 3051 as the access policy parameter generated for the file to be shared.

[0113] In operation S120, the first terminal receives the encrypted public key returned by the key management platform that matches the identification information.

[0114] In operation S130, the first terminal uses a randomly generated file key to encrypt the file to be shared, thus obtaining the ciphertext of the shared file.

[0115] For example, after a user chooses to share a file using a file-sharing application, the application encrypts the file to be shared using a randomly generated file key, thus converting the plaintext file into ciphertext. The ciphertext retains the original file information, but after encryption, only the recipient with the correct key can decrypt and recover the original file content. This encryption process effectively ensures the confidentiality and security of file transfer.

[0116] In operation S140, the first terminal uses the encryption public key to encrypt the file key, thus obtaining the file key envelope.

[0117] For example, a file-sharing application uses a public key that matches the identifier of the recipient to encrypt the file key, resulting in a file key envelope. The file key envelope contains a copy of the file key, typically encrypted with the recipient's public key, effectively ensuring that only the recipient can decrypt the file key envelope and obtain the file key. The file key envelope provides a secure way to transmit the file key during file transfer without exposing the key itself. Even if the file key envelope is intercepted during transmission, the interceptor cannot obtain the decryption key for the encrypted file, thus effectively guaranteeing the security and confidentiality of the file transfer process.

[0118] In operation S150, the first terminal responds to the access policy parameters generated for the file to be shared and generates access policy data corresponding to the access policy parameters.

[0119] For example, the file-sharing application provides the authorization parameters required to generate access policy data. These parameters may include, for example, validity period parameters, access time parameters, access location parameters, and hardware fingerprint parameters. The hardware fingerprint parameter can be a hardware characteristic or attribute used to uniquely identify a specific device, such as a device model or a unique device identifier. In response to the user's parameter input for the authorization parameters, the file-sharing application assigns values ​​to the internal attribute parameters in the authorized file plaintext template according to the given parameters, obtaining the authorized file plaintext, and uses this authorized file plaintext as access policy data matching the file to be shared.

[0120] In operation S160, the first terminal sends the file key envelope and access policy data to the key management platform, and sends the encrypted shared file to the second terminal corresponding to the recipient through a third-party application.

[0121] For example, a file-sharing application packages a file key envelope and access policy data to obtain access control data for the file to be shared. The application then signs the access control data using a signing private key and sends the signed data to a key management platform. This signing operation ensures the integrity and authenticity of the access control data, effectively preventing tampering or forgery during transmission. The key management platform can verify the signature of the access control data and, when needed, provide the file key envelope to decrypt the file.

[0122] Furthermore, file-sharing applications send encrypted files to a second terminal via social media platforms or instant messaging software on the first terminal. This allows users to easily receive shared files on social media platforms or instant messaging software, improving the convenience and user experience of file sharing.

[0123] refer to Figure 6 To illustrate, the file-sharing application uses a randomly generated file key to encrypt the file to be shared, as shown in interface 306, resulting in ciphertext 3061. Next, the user can choose to send the generated ciphertext 3061 via instant messaging software (such as WeChat). As shown in interface 307, in response to the user's trigger action on the instant messaging software, the software will display a chat creation interface. After the user selects the target audience for the sharing, as shown in interface 308, the instant messaging software displays that the ciphertext 3061 has been sent to the target audience.

[0124] Next, taking the system as the execution subject as an example, the file sharing method of this application embodiment will be described. The system can be an end-to-end encryption system, including a first terminal, a second terminal, and a key management platform.

[0125] For example, in response to the identifier information of the user-selected recipient, the first terminal sends a key acquisition request to the key management platform, the key acquisition request carrying the identifier information of the recipient. Based on the received key acquisition request, the key management platform returns an encrypted public key that matches the identifier information to the first terminal.

[0126] The first terminal uses a randomly generated file key to encrypt the file to be shared, obtaining the ciphertext of the shared file, and uses the encryption public key to encrypt the file key, obtaining the file key envelope. In response to the access policy parameters generated for the file to be shared, the first terminal generates access policy data corresponding to the access policy parameters. The first terminal sends the file key envelope and access policy data to the key management platform, and also sends the ciphertext of the shared file to the second terminal through a third-party application.

[0127] For example, the first terminal packages the file key envelope and access policy data to obtain access control data for the file to be shared. Furthermore, the first terminal signs the access control data using a locally stored signing private key and sends the signed access control data to the key management platform. Additionally, the first terminal can also send the encrypted file to the second terminal via a social media platform or instant messaging software.

[0128] In response to receiving the encrypted shared file, the second terminal sends a key acquisition request to the key management platform. The key acquisition request carries the identification information of the recipient, that is, the identification information of the logged-in account on the second terminal. The identification information may include, for example, a mobile phone number, email address, or other information with unique identification function.

[0129] As an optional method, after a third-party application on the second terminal receives the encrypted shared file, the second terminal displays the option to view the encrypted shared file through the file-sharing application. In response to the user's choice to view the encrypted shared file through the file-sharing application on the second terminal, the file-sharing application sends a key retrieval request to the key management platform, the key retrieval request carrying the identification information of the recipient.

[0130] In response to a received key retrieval request, the key management platform verifies the access control data using a signature public key that matches the sharer's signature. If the signature verification is successful, the key management platform parses the access control data to obtain the file key envelope and access policy data.

[0131] Next, the key management platform, based on the received identifier information of the recipient, determines whether all access policy parameters for the shared encrypted file are satisfied. For example, based on the received identifier information, the key management platform determines whether the user corresponding to the second terminal is the target user for sharing the encrypted file.

[0132] When the user corresponding to the second terminal is the target user for sharing, the key management platform determines, based on the received log data matching the identification information, whether all access policy parameters indicated by the access policy data are satisfied. The received log data includes, for example, at least one of the following: the time of receipt, the address source, and the number of receipts. Based on the received log data matching the identification information, the key management platform can determine whether the second terminal's request to view the encrypted shared file conforms to parameters given by the file sharer, such as file validity period, trusted access time, trusted access location, trusted access device, and access limit.

[0133] For example, the key management platform determines whether the time when the second terminal requests to view the encrypted shared file meets the file validity period and / or trusted access time based on the reception time of the identification information. The key management platform also determines whether the address from which the second terminal requests to view the encrypted shared file is a trusted access address based on the address source of the identification information. Furthermore, the key management platform determines whether the number of times the second terminal requests to view the encrypted shared file complies with the access limit based on the number of times the identification information is received.

[0134] If all access policy parameters for the encrypted shared file are satisfied, the key management platform returns a file key envelope to the second terminal. The file-sharing application on the second terminal uses its locally stored decryption private key to decrypt the file key envelope, obtaining the file key in plaintext. The decryption private key used to decrypt the file key envelope is matched with the encryption public key provided by the key management platform to the first terminal, which matches the identifier information of the recipient.

[0135] File-sharing applications use a file key to decrypt the encrypted shared file, revealing and displaying its content. After decryption, the application clears the file key and its envelope to ensure data security and prevent unauthorized use of the key and related information.

[0136] When viewing shared files through a file-sharing application, the application stores the file content in memory. Keeping the decrypted shared file content only in memory, rather than storing it on disk, effectively improves user data security and privacy, saves storage space, and enhances system security and performance.

[0137] In response to the detection of exiting the file-sharing application, the file-sharing application clears the shared file content stored in memory. This effectively prevents other applications or users from accessing the shared file content after the file-sharing application is closed, which helps ensure the security and confidentiality of user data.

[0138] Figure 7 This diagram illustrates another file-sharing process. (For example...) Figure 7 As shown, in the first terminal, the sender selects the file to be shared through user operation. After selecting the file to be shared, the user can trigger a share dialog box to select file sharing. After the user triggers the share dialog box, the first terminal displays the option to share through a file sharing application.

[0139] File-sharing applications authenticate the user's identity based on the currently logged-in account on the device. The currently logged-in account may include, for example, a mobile phone number, an email address, or other information with unique identification functions.

[0140] After the sender chooses to use a file-sharing application to share files, the file-sharing application retrieves the encrypted public key from the key management platform that matches the recipient's identification information. Furthermore, in response to the sender's given access policy parameters for the files to be shared, the file-sharing application generates access policy data based on those parameters.

[0141] The file-sharing application uses a randomly generated file key to encrypt the file to be shared, obtaining the ciphertext of the shared file. The application then uses the received public key to encrypt the file key, obtaining a file key envelope. Finally, the application packages the file key envelope and access policy data together to obtain the access control data for the file to be shared.

[0142] The file-sharing application uses a locally stored signing private key to sign the access control data and then sends the signed access control data to the key management platform. The file-sharing application then sends the encrypted shared files to the second terminal via a third-party application (such as WeChat, QQ, or email) on the first terminal.

[0143] After a third-party application on a second terminal receives the encrypted shared file, the second terminal displays an option to view the encrypted shared file through the file-sharing application. In response to the recipient's choice to view the encrypted shared file through the file-sharing application on the second terminal, the file-sharing application sends a key retrieval request to the key management platform. The key retrieval request carries the recipient's identification information to request a file key envelope used to decrypt the encrypted shared file.

[0144] In response to a received key retrieval request, the key management platform verifies the access control data using a signature public key matching the sender's. If the signature verification is successful, the key management platform parses the access control data to obtain the file key envelope and access policy data. Next, based on the received recipient's identification information, the key management platform determines whether all access policy parameters for the shared encrypted file are satisfied. For example, based on received log data matching the identification information, the key management platform determines whether all access policy parameters indicated by the access policy data are satisfied.

[0145] If all access policy parameters are satisfied, the key management platform returns a file key envelope to the file-sharing application on the second terminal. The file-sharing application uses its locally stored decryption private key to decrypt the file key envelope, obtaining the file key. The file-sharing application then uses the file key to decrypt the encrypted shared file, obtaining the shared file content. The recipient can then open the shared file content through user actions within the file-sharing application.

[0146] Figure 8 This schematically illustrates yet another file-sharing process. (For example...) Figure 8 As shown, during the initialization phase, the first terminal corresponding to the sender generates a signature public-private key pair.<EnvSignKey pk,EnSignKey sk> and the verification public key therein<EnvSignKey pk> Upload to the key management platform.

[0147] The second terminal corresponding to the recipient generates an encrypted public-private key pair.<EnvEncKey pk,EnvEnKey sk> and the encrypted public key therein<EnvEncKey pk> Upload to the key management platform.

[0148] A key management platform can be a cloud service platform consisting of a cluster of computers.

[0149] During the file sharing phase, the first terminal uploads the recipient's identification information to the key management platform. This identification information may include a mobile phone number, email address, or other information with unique identification capabilities. The key management platform then returns an encrypted public key to the first terminal that matches the recipient's identification information.<EnvEncKey pk> .

[0150] The first terminal randomly generates a file key.<FileKey sk> and using the public key of encryption<EnvEncKey pk> File key<FileKey sk> Encryption is performed to obtain the file key envelope.<FileKey c> .

[0151] The first terminal uses a file key.<FileKey sk> The file to be shared is encrypted to obtain the encrypted file. Then, the first terminal sends the encrypted file to the second terminal via a third-party application.

[0152] The first terminal uses the signing private key.<EnvSignKey sk> File key envelope<FileKey c> Sign the access policy data to obtain the signed data.<FileKey c ,Poilcy Signature> and the signed<FileKeyc ,Poilcy Signature> Upload to the key management platform.

[0153] In response to receiving the encrypted shared file, the second terminal requests a file key envelope from the key management platform. The key management platform uses the verified public key...<EnvSignKey pk> For those that have been signed<FileKey c ,Poilcy Signature> Perform signature verification. If verification passes, the key management platform will...<FileKey c ,Poilcy Signature> The file key envelope was obtained through parsing.<FileKey c> Access policy data.

[0154] The key management platform determines whether all access policy parameters indicated by the access policy data are satisfied. If all access policy parameters are satisfied, the key management platform returns a file key envelope to the second terminal.<FileKey c> The second terminal uses the decryption private key.<EnvEnKey sk> File key envelope<FileKey c> Decrypt to obtain the file key.<FileKey sk> and using file keys<FileKey sk> Decrypt the encrypted shared file to obtain its content.

[0155] Current end-to-end file encryption schemes can restrict recipients to ensure that only authorized recipients can open files. However, in some cases, simply restricting recipients is insufficient. For example, for a work document, in addition to allowing employees to open it, it's necessary to restrict access to the office and during work hours. Even employees should be unable to open the file outside the designated location or time. Furthermore, to prevent circumvention of these restrictions through methods such as reporting false locations or modifying system times, the requesting party needs to provide reliable time and geographical location information.

[0156] This application proposes an end-to-end encryption scheme with access policy control. By generating a shared file header and access policy data, it enables more granular access control over the encrypted shared file, effectively protecting the privacy and security of the file sharing process.

[0157] For example, this application provides a file sharing method. First, the method will be described using a first terminal as the executing entity.

[0158] In response to the identifier information of the user-selected recipient, the first terminal sends the identifier information to the key management platform. The first terminal receives the encryption public key returned by the key management platform that matches the identifier information. The first terminal encrypts the file to be shared using a randomly generated file key to obtain the ciphertext of the shared file, and encrypts the file key using the encryption public key to obtain the file key envelope. In response to the access policy parameters generated for the file to be shared, the first terminal generates a sharing file header and access policy data corresponding to the access policy parameters. The first terminal sends the file key envelope and access policy data to the key management platform, and sends the sharing file header and ciphertext of the shared file to the second terminal corresponding to the recipient through a third-party application.

[0159] The first terminal includes a file-sharing application, which can provide key management and encryption / decryption functions. The file-sharing application and the key management platform can interact via data to implement the file-sharing method of this application embodiment.

[0160] During file sharing, the file sharing application displays the pending authorization policy parameters that match the file to be shared. In response to the user's parameter input for these pending authorization policy parameters, the file sharing application uses the given parameters as the access policy parameters generated for the file to be shared. Access policy parameters may include at least one of the following: file validity period, trusted access address, trusted access time, terminal restriction parameters, and access limit attempts.

[0161] The file-sharing application determines an access control identifier that matches the file to be shared based on the generated access policy parameters. The access control identifier instructs the second terminal on the file access parameters to be reported when viewing the encrypted shared file. File access parameters may include at least one of the following: timestamp parameters, location identification parameters, and terminal identification parameters.

[0162] The timestamp parameter indicates the time when the second terminal requested to view the encrypted shared file. The location identification parameter indicates the geographical location when the second terminal requested to view the encrypted shared file. The terminal identification parameter indicates the terminal information of the second terminal, such as the MAC address, IMEI number (International Mobile Equipment Identity), serial number, etc.

[0163] The file-sharing application generates access policy data based on the user-provided access policy parameters, and packages the access policy data with a file key envelope to obtain the access control data for the file to be shared. The file-sharing application then signs the access control data using a signing private key and sends the signed access control data to the key management platform.

[0164] File-sharing applications construct a shared file header that includes access control identifiers. Alternatively, the application can add access control identifiers to the metadata of the file to be shared, forming a shared file header that also includes access control identifiers. The metadata of the file to be shared can be a collection of information describing file attributes and characteristics, such as file name, file size, file type, creation time, etc.

[0165] The file-sharing application merges the file header and the encrypted file to obtain a shared file package. Then, the application sends the shared file package to a second terminal via a social media platform or instant messaging software on the first terminal. By embedding access control identifiers in the shared file package, fine-grained control over file access can be effectively achieved, enhancing the security and confidentiality of file access. After receiving the shared file package, the second terminal can determine the file access parameters that need to be reported to the key management platform based on the access control identifiers in the shared file header.

[0166] Next, taking the system as the execution subject as an example, the file sharing method of this application embodiment will be described. The system can be an end-to-end encryption system, including a first terminal, a second terminal, and a key management platform.

[0167] For example, in response to the identifier information of the user-selected recipient, the first terminal sends a key acquisition request to the key management platform, the key acquisition request carrying the identifier information of the recipient. Based on the received key acquisition request, the key management platform returns an encrypted public key that matches the identifier information to the first terminal.

[0168] The first terminal uses a randomly generated file key to encrypt the file to be shared, obtaining the ciphertext of the shared file, and uses the encryption public key to encrypt the file key, obtaining the file key envelope.

[0169] In response to the access policy parameters given by the user for the file to be shared, the first terminal generates a shareable file header and access policy data corresponding to the access policy parameters. For example, based on the generated access policy parameters, the file-sharing application determines an access control identifier matching the file to be shared. The access control identifier is used to instruct the second terminal on the file access parameters to be reported when viewing the encrypted shared file. The file-sharing application adds the access control identifier to the metadata of the file to be shared, forming a shareable file header containing the access control identifier. File access parameters may include at least one of the following: timestamp parameters, location identification parameters, and terminal identification parameters.

[0170] File-sharing applications package access policy data and file key envelopes to obtain access control data for the files to be shared. The application then signs the access control data using a locally stored signing private key and sends the signed data to the key management platform.

[0171] File-sharing applications combine the file header and the encrypted file to create a shared file package. The application then sends this package to a second terminal via a social media platform or instant messaging software on the first terminal.

[0172] After receiving the shared file package, the third-party application in the second terminal responds to the user's choice to view the shared file package through the file sharing application. The file sharing application parses the shared file header to obtain an access control identifier that matches the encrypted text of the shared file.

[0173] When an access control identifier indicates that file access parameters need to be reported, the file-sharing application obtains the file access parameters from the trusted execution environment of the second terminal. For example, when an access control identifier indicates that file access parameters need to be reported, the file-sharing application obtains file access parameters signed by the trusted execution environment from the second terminal. The file access parameters may include at least one of the following parameters: timestamp parameters, location identification parameters, and terminal identification parameters.

[0174] A Trusted Execution Environment (TEE) in a terminal is a secure execution environment, typically composed of hardware and software, used to protect sensitive data and execute critical tasks. TEEs are usually supported by hardware security components (such as secure processors and secure memory regions) to ensure that sensitive data is protected during task execution, preventing unauthorized modification or access. File access parameters signed by the TEE are trustworthy; file access parameters verified by the TEE are considered legitimate, effectively guaranteeing that file access parameters have not been tampered with or forged.

[0175] The file-sharing application on the second terminal sends a key retrieval request to the key management platform. This request includes file access parameters and the identifier of the recipient. Based on the received file access parameters and identifier, the key management platform determines whether all access policy parameters for the encrypted shared file are satisfied.

[0176] As an optional approach, in response to a received key retrieval request, the key management platform verifies the access control data using a signing public key that matches the sharer's signature. If the signature verification is successful, the key management platform parses the access control data to obtain the file key envelope and access policy data.

[0177] The key management platform determines whether all access policy parameters indicated by the access policy data are satisfied based on the received file access parameters and identification information. For example, the key management platform determines whether the user of the second terminal is the target user for sharing encrypted files based on the received identification information. If the user of the second terminal is the target user, the key management platform determines whether the received file access parameters satisfy the corresponding access policy parameters. If the file access parameters satisfy the corresponding access policy parameters, the key management platform determines whether all other access policy parameters besides the aforementioned corresponding access policy parameters are satisfied based on the received log data matching the identification information.

[0178] The file access parameters may include at least one of the following: timestamp parameters, location identification parameters, and terminal identification parameters. The access policy parameters may include at least one of the following: file validity period, trusted access address, trusted access time, terminal restriction parameters, and access restriction times.

[0179] For example, the key management platform uses timestamp parameters to determine whether the time when a second terminal requests to view the encrypted shared file meets the file validity period and / or trusted access time. It uses location identification parameters to determine whether the address from which the second terminal requests to view the encrypted shared file is a trusted access address. Alternatively, it uses terminal identification parameters to determine whether the second terminal meets terminal restriction parameters. In other words, the key management platform verifies whether the second terminal meets the access restrictions set by the sender by identifying the terminal characteristics of the second terminal. For instance, if the terminal restriction parameters require access to shared file content on a specific type of device, the key management platform will verify the device type of the second terminal based on the terminal identification parameters to confirm whether it meets the access restriction conditions.

[0180] In response to the access policy parameters for the encrypted shared file being satisfied, the key management platform returns a file key envelope to the second terminal. The file-sharing application on the second terminal uses the locally stored decryption private key to decrypt the file key envelope to obtain the file key, and then uses the file key to decrypt the encrypted shared file to obtain and display the shared file content.

[0181] After decrypting the encrypted shared file, the file-sharing application clears the file key and file key envelope. Additionally, in response to detecting that the file-sharing application has exited, the application clears the shared file content stored in memory.

[0182] Figure 9 The diagram illustrates access policy parameters. These parameters can specify restrictions such as recipient identity, file validity period, trusted access location, trusted access time, and device limitations.

[0183] like Figure 9 This illustrates that a mobile phone number, email address, or other uniquely identifying information can be used as the recipient's identifier. The sender can then filter the recipient's identifier to restrict the recipient's identity.

[0184] File validity period refers to the time range within which a file remains valid or accessible. During file sharing or data exchange, files typically have a validity period limit; after this period, they may automatically expire or become inaccessible. The file validity period can be set based on specific needs and security policies to ensure that the file is accessed within an appropriate timeframe. File validity periods can be self-destructing after being viewed, or they can be any custom duration set by the sender.

[0185] A trusted access location is a trusted location where a file can be accessed or opened. To protect file security or control access permissions, files may only be accessible or opened in specific locations; these locations are called trusted access locations. For example, certain sensitive files may only be accessible on specific computers within a company's internal network and cannot be opened on external networks or other devices. Determining a file's trusted access location helps strengthen file security management and access control. A trusted access location can be indicated, for example, by GPS coordinates set by the sender. The sender can restrict the file's access location by specifying GPS coordinates; the file can only be accessed or opened within the specified GPS coordinate range.

[0186] Device restriction parameters can ensure that specific types of devices or devices under specific conditions can access or open files. The sender can restrict which devices can access or open files by specifying the device type or device authentication status.

[0187] Figure 10 This diagram illustrates the verification process for file access parameters.

[0188] After receiving a shared file package through a third-party application, the second terminal displays an option to view the shared file package through the file-sharing application. In response to the user's action on the aforementioned option, the file-sharing application parses the shared file header to obtain an access control identifier that matches the encrypted shared file.

[0189] The shared file header and the shared file ciphertext constitute a shared file packet. An access control identifier indicates the file access parameters that the second terminal needs to report when requesting to view the shared file ciphertext. When the access control identifier indicates that file access parameters need to be reported, the file-sharing application obtains the file access parameters, signed by a trusted execution environment, from the second terminal.

[0190] like Figure 10As shown, the request packaging module in the file-sharing application obtains the timestamp parameter signed by the TEE (Trusted Execution Environment) from the TEE's time module. It also obtains the location parameter signed by the TEE from the TEE's location module.

[0191] The timestamp parameter signed by the TEE is typically obtained through a secure clock or timer within the TEE. The TEE usually contains a secure real-time clock (RTC) whose time is protected from external operating systems or other applications. When a timestamp parameter needs to be generated, the TEE reads its internal secure clock and signs it using the current time as the timestamp parameter.

[0192] Location parameters signed by a TEE are typically obtained by acquiring the device's current location information through multiple sensors and then signing it using the TEE's private key. Location parameters signed by a TEE can, for example, indicate the GPS coordinates of a second terminal.

[0193] The request packaging module sends a key envelope request to the key management platform to request a file key envelope used to decrypt the shared file ciphertext. The key envelope request carries a timestamp parameter signed by the TEE, a location parameter signed by the TEE, and the file ID corresponding to the shared file ciphertext.

[0194] In response to a received key envelope request, the key management platform retrieves access policy parameters matching the encrypted shared file from the policy database based on the file ID in the request. The platform then verifies whether the access policy parameters are satisfied based on the file access time indicated by the timestamp parameter and the file access location indicated by the location parameter. If the access policy parameters are satisfied, the platform retrieves the file key envelope from the key envelope library based on the file ID and returns it to the file-sharing application on the second terminal. This allows the file decryption module in the application to use the file key envelope to decrypt the encrypted shared file.

[0195] In end-to-end data encryption schemes, the client typically needs to generate both a signature public-private key pair and an encryption public-private key pair. To ensure the security of key data and improve the convenience of key management, the management of the public-private key pairs can be delegated to the application within the client. In practical applications, the same user account may be logged in on multiple terminals and apply for key management services on these terminals. When a user makes service changes on a terminal, such as adding a new terminal or deregistering from the key management service, it is necessary to ensure that key data is synchronized across multiple terminals and the cloud service platform to ensure that data can be correctly decrypted on any terminal.

[0196] This application proposes a key management method applied to an electronic device. The electronic device includes a file-sharing application, which provides key management and encryption / decryption functions. When a user uses the file-sharing application for the first time, the application automatically generates an encryption key pair and a signing key pair that match the user's identification information, and uploads the encryption public key and the signing public key to a key management platform.

[0197] Figure 11 A flowchart illustrating a key management method is shown schematically. For example... Figure 11 As shown, the key management method includes, for example, operations S210 to S240.

[0198] In operation S210, in response to the detection of a service change event based on a file-sharing application, the file-sharing application initiates a key management request, which includes the currently logged-in account in the electronic device.

[0199] In operation S220, the electronic device receives public key data returned by the key management platform based on the currently logged-in account.

[0200] In operation S230, the electronic device performs a consistency check between the public key data and the local key data, and obtains the check result.

[0201] In operation S240, the electronic device updates the current key pair indicated by the local key data based on the verification result.

[0202] The following are exemplary operation examples of the key management method of this embodiment.

[0203] Service change events may include at least one of the following events: service registration event, service deregistration event, new device addition event, account switching event, device change event, permission change event, subscription status change event, and security setting change event.

[0204] In response to the detection of a service change event based on a file-sharing application, the file-sharing application initiates a key management request to the key management platform. The key management request includes the currently logged-in account on the electronic device. The currently logged-in account constitutes the identification information of the user corresponding to the electronic device. The currently logged-in account can be a mobile phone number, email address, username, social media account, ID card number, or other uniquely identifying information.

[0205] The file-sharing application receives public key data returned by the key management platform based on the currently logged-in account. It then performs a consistency check between the encrypted public key indicated by the public key data and the public key in the current key pair, obtaining the check result. If the check result indicates that the encrypted public key does not match the public key in the current key pair, the file-sharing application can update the current key pair based on the received public key data.

[0206] In one example, in response to detecting a service registration event based on a file-sharing application, the file-sharing application initiates a key acquisition request to a key management platform as a key management request. Then, the file-sharing application receives public key data returned by the key management platform that matches the currently logged-in account, and performs a consistency verification between the public key data and local key data to obtain the verification result.

[0207] If the public key data indicates that the encrypted public key matching the currently logged-in account is empty, it indicates that the currently logged-in account has not registered for a secure sharing service based on a file-sharing application. If the file-sharing application detects the current key pair stored locally, it means that the current key pair does not match the current logged-in account on the electronic device. This may be caused by a change in the login account on the electronic device. Deleting the current key pair stored locally helps ensure the consistency and up-to-dateness of the key data.

[0208] In addition, file-sharing applications can generate local key pairs based on the currently logged-in account. Local key pairs may include, for example, a signing public-private key pair and an encryption public-private key pair. The file-sharing application uses the local key pair as the new current key pair and uploads the currently logged-in account, the device information of the electronic device, and the public key from the local key pair to the key management platform.

[0209] In another example, in response to detecting a new device joining event based on a file-sharing application, the file-sharing application initiates a key acquisition request to the key management platform as a key management request. The file-sharing application receives public key data returned by the key management platform that matches the currently logged-in account, and performs a consistency verification between the public key data and local key data to obtain the verification result.

[0210] When the public key data indicates an encrypted public key that matches the currently logged-in account, and the local key data indicates that the current key pair is empty, the file-sharing application uses the key synchronization service to find the target key pair corresponding to the encrypted public key and stores the found target key pair as the current key pair.

[0211] If the public key data indicates that the key management platform holds an encrypted public key matching the currently logged-in account, it means that the currently logged-in account has already registered for a secure sharing service based on a file-sharing application. If the local key data indicates that the current key pair is empty, it means that the key management platform may not have yet synchronized the key data matching the currently logged-in account to the newly added device.

[0212] Key synchronization service is used to synchronize key data across multiple devices. It ensures that users use the same key for encryption and decryption operations across multiple devices, effectively guaranteeing key data security and consistency. File-sharing applications use key synchronization service to find the target key pair corresponding to the encryption public key and store this target key pair as the current key pair. This ensures consistency between the key data of newly added devices and the key management platform, avoiding inconsistencies in key management between different devices.

[0213] Alternatively, in response to a user logging into the current account on a new device (i.e., in response to a new device joining event detected by the file-sharing application), the file-sharing application initiates a key retrieval request to the key management platform as a key management request. The file-sharing application receives public key data returned by the key management platform that matches the currently logged-in account, and performs a consistency check between the public key data and the local key data to obtain the verification result.

[0214] If the public key data indicates an encrypted public key matching the currently logged-in account, it means the account has already registered for a secure sharing service based on a file-sharing application. If the local key data indicates the current key pair is not empty but does not match the encrypted public key indicated by the public key data, it means the newly added device may have previously been logged into by another account, and the key management platform may not yet have synchronized the key data matching the currently logged-in account to the new device. The file-sharing application can use the key synchronization service to find the target key pair corresponding to the encrypted public key and replace the current key pair for storage with the target key pair.

[0215] If the public key data indicates that the encrypted public key matching the currently logged-in account is empty, it means that the currently logged-in account has not yet registered for a secure sharing service based on the file-sharing application. The file-sharing application can generate a local key pair based on the currently logged-in account. The file-sharing application uses the local key pair as the new current key pair and uploads the currently logged-in account, the device information of the electronic device, and the public key from the local key pair to the key management platform.

[0216] As another example, in response to detecting a service logout event of a file-sharing application on an electronic device, the file-sharing application sends a key deletion request to the key management platform as a key management request. In response to the received key deletion request, the key management platform deletes the encrypted public key matching the currently logged-in account.

[0217] Therefore, the public key data returned by the key management platform indicates that the encrypted public key matching the currently logged-in account is empty. In response to the empty encrypted public key matching the currently logged-in account, the file-sharing application deletes the current key pair stored locally.

[0218] Furthermore, in response to detecting a service logout event of a file-sharing application on another electronic device, the file-sharing application initiates a key retrieval request to the key management platform as a key management request. The file-sharing application receives public key data returned by the key management platform, indicating that the currently logged-in account is inactive. And, in response to the currently logged-in account being inactive, the file-sharing application deletes the current key pair.

[0219] File-sharing applications on the current device can monitor service deregistration events on other devices in real time through a connection established with the key management platform. When a file-sharing application on another device performs a deregistration operation, the key management platform sends a corresponding deregistration event notification to the current device. Upon receiving this notification, the file-sharing application can respond and initiate a key retrieval request to update the key data on the current device, ensuring that the key data across all devices remains synchronized and consistent.

[0220] The following example illustrates the key management method of this application embodiment, using a key management platform as the executing entity.

[0221] Upon receiving a key management request, the key management platform returns the corresponding public key data to the electronic device based on the current login account provided in the request. This public key data indicates the encrypted public key stored in the key management platform that matches the currently logged-in account. Depending on the specific circumstances, the encrypted public key matching the currently logged-in account may or may not be empty.

[0222] In one example, when the key management request is a key deletion request, the key management platform deletes the encrypted public key matching the currently logged-in account. After deleting the encrypted public key, the key management platform still sends public key data to the electronic device. In this case, the public key data indicates that the encrypted public key matching the currently logged-in account is empty. As described above, the key deletion request is triggered by the electronic device when it detects a service logout event from a file-sharing application.

[0223] In addition, in response to a received key deletion request, the key management platform will also set the status of the currently logged-in account to inactive. Subsequently, when other devices associated with the currently logged-in account send key management requests to the key management platform, the platform will still return public key data to the corresponding device, indicating that the encrypted public key matching the currently logged-in account is empty.

[0224] In another example, the key management platform stores the received key certificate data. The key certificate data includes the encrypted public key matching the currently logged-in account, the current logged-in account, and device information of the electronic device. The key certificate data is generated by the electronic device based on its local key data and the public key data returned by the key management platform.

[0225] The currently logged-in account can be a mobile phone number, email address, username, social media account, ID card number, or other uniquely identifying information. The currently logged-in account can be represented as a string. Device information includes, for example, device identifier, device model, and operating system version. The public key is usually represented as a string, but may be appropriately encoded or encrypted during actual storage.

[0226] For example, in response to the received key certificate data, the key management platform sets an expiration parameter matching the encrypted public key based on the key type of the encrypted public key. Furthermore, the key management platform associates and stores the key certificate data and the expiration parameter with the currently logged-in account as the primary key. The key types include temporary key types and permanent key types.

[0227] Figure 12 This diagram illustrates a key management process. Data interaction between a file-sharing application on an electronic device and a key management platform is used to implement the key management process of this embodiment. Figure 12 As shown, the file-sharing application includes a secure envelope module, an information query module, an account management module, a security component module, and a key management module. The key management platform can be a secure cloud platform composed of a computer cluster.

[0228] The security envelope module queries the account login status on the second terminal from the account management module. The account management module returns the currently logged-in account on the electronic device as the query result to the security envelope module. The security envelope module also queries the account cache information of the currently logged-in account from the account management module, and the account management module returns the cached information as the query result. The query result includes information such as the authentication token (ServiceToken), user unique identifier (UserID), and device unique identifier (DeviceID) associated with the currently logged-in account.

[0229] The secure envelope module requests a cloud-based secure channel from the key management platform, and the key management platform returns a secure channel for end-to-cloud authentication.

[0230] The secure envelope module requests the generation of a business key pair for key authentication from the key management module, and retrieves the certificate chain from the key management module. The secure envelope module also requests the generation of an ECC public key from the security component module for communication key negotiation; the security component module returns the ECC public key and its corresponding alias. Finally, the secure envelope module uploads the certificate chain and channel public key information to the key management platform, and the key management platform returns the cloud public key to the secure envelope module.

[0231] The secure envelope module sends the cloud public key to the secure component module to generate a communication session key, and the secure component module returns the communication session key to the secure component module.

[0232] The secure envelope module queries the key management platform to see if the currently logged-in account has been registered. The key management platform returns the query result to the secure envelope module, indicating that the currently logged-in account has not yet registered for the secure sharing service based on the file sharing application.

[0233] The secure envelope module requests a signature key pair and an encryption / decryption key pair from the information query module. The information query module requests the security component module to generate the signature key pair, and the security component module returns the key generation result to the information query module. The information query module then requests the security component module to generate the encryption / decryption key pair, and the security component module returns the key generation result to the information query module. Finally, the information query module queries the security component module for the signature public key and the encryption public key, and the security component module returns the corresponding public key data to the information query module.

[0234] The secure envelope module requests the key management module to sign the signing public key and encryption public key using the private key corresponding to the HUKS business certificate. The key management module returns the signing result to the secure envelope module. The secure envelope module then requests the security component module to encrypt the key certificate data using the session communication key. The security component module returns the data encryption result to the secure envelope module.

[0235] The secure envelope module uploads encrypted key certificate data to the key management platform. The key certificate data includes signed public key data, the currently logged-in account, and device information for the second terminal. The key management platform verifies the signature information in the key certificate data. If the verification passes, the key management platform saves the key certificate data in its database and returns the operation result to the secure envelope module.

[0236] In addition, the security component module stores the signature key pair and the encryption / decryption key pair.

[0237] Figure 13 This diagram illustrates yet another key management process. The key management process of this embodiment is implemented by interacting with the key management platform through a file-sharing application on an electronic device. Figure 13As shown, the file-sharing application includes a secure envelope module, an information query module, an account management module, a security component module, and a key management module. The key management platform can be a secure cloud platform composed of a computer cluster.

[0238] The security envelope module queries the account login status on the second terminal from the account management module. The account management module returns the currently logged-in account on the electronic device as the query result to the security envelope module. The security envelope module also queries the account cache information of the currently logged-in account from the account management module, and the account management module returns the cached information as the query result. The query result includes information such as the authentication token (ServiceToken), user unique identifier (UserID), and device unique identifier (DeviceID) associated with the currently logged-in account.

[0239] The secure envelope module requests a cloud-based secure channel from the key management platform, and the key management platform returns a secure channel for end-to-cloud authentication.

[0240] The secure envelope module requests the generation of a business key pair for key authentication from the key management module, and retrieves the certificate chain from the key management module. The secure envelope module also requests the generation of an ECC public key from the security component module for communication key negotiation; the security component module returns the ECC public key and its corresponding alias. Finally, the secure envelope module uploads the certificate chain and channel public key information to the key management platform, and the key management platform returns the cloud public key to the secure envelope module.

[0241] The secure envelope module sends the cloud public key to the secure component module to generate a communication session key, and the secure component module returns the communication session key to the secure component module.

[0242] The secure envelope module queries the key management platform to see if the currently logged-in account has been registered. The key management platform returns a registration result to the secure envelope module, along with the public key information. The registration result indicates that the currently logged-in account has registered for a secure sharing service based on the file-sharing application.

[0243] The secure envelope module retrieves the signature key pair and encryption / decryption key pair from the secure component module based on the alias. The secure component module then returns the query results to the secure envelope module. Querying a key pair based on an alias means retrieving the associated key by using an alias or identifier. In the field of encryption and security, aliases can be used to represent specific keys without directly exposing the key itself. When the key is needed, it can be retrieved through the alias or identifier for encryption, decryption, or other security operations.

[0244] If the key pair query fails, the security component module returns an empty result, indicating that there is no corresponding key pair locally. The security envelope module displays an error message, indicating that the electronic device has not joined the trust ring or has not completed data synchronization. In this case, it is necessary to confirm whether the electronic device has joined the trust ring, or wait for the cloud to synchronize the key data to the electronic device.

[0245] If the key pair query is successful, the security component module returns the public key data. The security envelope module verifies the consistency between the public key returned from the cloud and the local public key, and updates the local key pair based on the verification result.

[0246] In end-to-end data encryption schemes, the sender and receiver typically need to negotiate a key to ensure that they share the same key. For example, in a public-private key pair-based key negotiation scheme, the sender needs to obtain the receiver's encryption public key from a key management platform, use the encryption public key to encrypt the file to be shared, and then send the encrypted file to the receiver.

[0247] Therefore, the recipient needs to generate a public-private key pair before sending the file and upload the encrypted public key to the key management platform. Otherwise, the sender needs to wait for the recipient to generate the public-private key pair and upload the encrypted public key, resulting in a poor user experience.

[0248] This application's embodiment solves the sender's waiting problem by using a key management platform as a public key escrow platform to generate temporary key pairs for users who are not using the escrow platform. After the recipient uploads their official public key to the key management platform, the platform replaces the temporary key, ensuring that previous files can be decrypted, and simultaneously encrypts subsequent files using the official public key, effectively guaranteeing the security of file transmission.

[0249] This application provides a file sharing method. First, an illustrative example is given with the execution subject being a first terminal.

[0250] In response to the identifier information of the user-selected recipient, the first terminal sends a key retrieval request to the key management platform, carrying the recipient's identifier information in the request. The first terminal receives a temporary encryption public key returned by the key management platform, generated by the platform after determining, based on the identifier information, that the recipient has not registered for the secure sharing service. The first terminal encrypts the file to be shared using a randomly generated file key to obtain the ciphertext of the shared file, and encrypts the file key using the temporary encryption public key to obtain a file key envelope. The first terminal sends the file key envelope to the key management platform and, through a third-party application, sends the ciphertext of the shared file to the second terminal corresponding to the recipient.

[0251] To ensure that the file to be shared can be decrypted within the validity period of the temporary encryption public key, a file validity period needs to be set, which should not exceed the validity period of the temporary encryption public key. For example, in response to the received temporary encryption public key, the first terminal displays the pending authorization validity period parameter matching the file to be shared. In response to the user's parameter input for the pending authorization validity period parameter, the first terminal uses the input parameter as the access policy parameter for the file to be shared. The first terminal generates access policy data corresponding to the access policy parameter and sends the access policy data to the key management platform. The allowed input parameter value for the pending authorization validity period parameter is no greater than the preset validity period length matching the temporary encryption public key.

[0252] Optionally, after sending the encrypted shared file to the second terminal, the first terminal sends a notification message to the second terminal, indicating that the first terminal has completed the file sharing operation based on the secure sharing service. The second terminal can know from the notification message that it has received the encrypted shared file and can register for the secure sharing service in the file sharing application to decrypt the encrypted shared file through the file sharing application.

[0253] Next, we will use a system as an example to illustrate the process. The system can be an end-to-end encryption system, including a first terminal, a second terminal, and a key management platform.

[0254] In response to the identifier information of the user-selected recipient, the first terminal sends a key retrieval request to the key management platform, the request carrying the identifier information of the recipient. The key management platform, in response to the received key retrieval request, searches for a matching public key based on the identifier information carried in the request.

[0255] If the encrypted public key is not found, the key management platform generates a temporary key pair that matches the identification information and sends the temporary encrypted public key from the temporary key pair to the first terminal. For example, the key management platform generates a random number using a secure random number generation algorithm as the key seed for the temporary key pair. A temporary key pair is then generated based on the key seed using a key generation algorithm. Key generation algorithms include, for example, elliptic curve cryptography (ECC) or RSA. The public key portion is then extracted from the generated temporary key pair to serve as the temporary encrypted public key. The key management platform sends the temporary encrypted public key to the first terminal, allowing the first terminal to use it to encrypt the file key, obtaining the file key envelope.

[0256] When the key management platform fails to find a matching public key, it indicates that the currently logged-in account on the second terminal has not registered for a secure sharing service based on a file-sharing application, and the key management platform has not stored key data matching the currently logged-in account. The currently logged-in account can be a mobile phone number, email address, username, social media account, ID card number, or other uniquely identifying information. The currently logged-in account constitutes the identification information of the person being shared with.

[0257] The first terminal encrypts the file to be shared using a randomly generated file key to obtain the ciphertext of the shared file, and encrypts the file key using a temporary encryption public key to obtain a file key envelope. The first terminal sends the file key envelope to the key management platform and sends the ciphertext of the shared file to the second terminal corresponding to the recipient through a third-party application.

[0258] The key management platform responds to the received file key envelope by storing the file key envelope.

[0259] After a third-party application on the second terminal receives the encrypted shared file sent from the first terminal, the second terminal displays an option to view the encrypted shared file through the file-sharing application. In response to the user's triggering action on the aforementioned option, the file-sharing application sends a key retrieval request to the key management platform. The key retrieval request includes a timestamp parameter, the file ID of the file to be decrypted, and the identification information of the recipient.

[0260] When a user chooses to view the encrypted shared file through a file-sharing application, it indicates that the user requests to register for a secure sharing service based on the file-sharing application. The file-sharing application generates a public-private key pair that matches the currently logged-in account on the second terminal. This public-private key pair may include, for example, a signing public-private key pair and an encryption public-private key pair.

[0261] The file-sharing application uses the second terminal's current login account, device information, and the encrypted public key matching the current login account as key certificate data, and uploads the key certificate data to the key management platform. The current login account constitutes the identifier of the recipient, and the key certificate data instructs the recipient to request registration for the secure sharing service based on the file-sharing application.

[0262] The key management platform responds to the received key certificate data and stores it. After receiving the key certificate data from the second terminal, if it receives a key retrieval request from another terminal, the key management platform will directly return the encrypted public key from the key certificate data to the corresponding terminal, instead of providing a temporary encrypted public key.

[0263] In response to a key acquisition request sent by the second terminal, the key management platform determines whether the key type corresponding to the file to be decrypted is a temporary encryption public key based on the timestamp parameter and file ID in the key acquisition request.

[0264] When the key type is a temporary encryption public key, the key management platform uses the encryption public key in the key certificate data to encrypt the file key envelope and the temporary decryption private key that matches the temporary encryption public key, obtaining the key encapsulation data, and then returns the key encapsulation data to the second terminal. When the key type is a non-temporary encryption public key, the key management platform directly returns the file key envelope to the second terminal.

[0265] In the second terminal, the file-sharing application responds to the received key-encapsulated data by decrypting it using a locally stored decryption private key, obtaining a file key envelope and a temporary decryption private key. The file-sharing application then uses the temporary decryption private key to decrypt the file key envelope, obtaining the file key. Finally, the file-sharing application uses the file key to decrypt the encrypted shared file, obtaining and displaying the shared file content.

[0266] After completing the decryption operation on the shared file's encrypted text, the file-sharing application clears the file key and the temporary decryption private key.

[0267] If the key management platform does not receive key certificate data from the second terminal, it indicates that the currently logged-in account on the second terminal has not yet registered for the secure sharing service based on the file-sharing application. When other terminals need to send encrypted files to the second terminal, they will send a key acquisition request to the key management platform to request the public key used to encrypt the file key.

[0268] In response to a key retrieval request received from another terminal, the key management platform searches for a matching public key based on the identifier information of the recipient carried in the request. If no public key is found, the key management platform sends a generated temporary public key to the other terminals, allowing them to encrypt the file key using the temporary public key. Other terminals include those other than the first terminal.

[0269] Because temporary encryption public keys have a short validity period, the key management platform needs to scan the validity of temporary key pairs at a preset frequency. If a temporary key pair expires, the key management platform will destroy the corresponding temporary key pair as an invalid key pair.

[0270] If the second terminal does not send a key acquisition request to the key management platform to obtain the file key envelope used to decrypt the encrypted shared file within the validity period of the temporary encryption public key, the key management platform will no longer provide the temporary encryption public key.

[0271] For example, the key management platform receives a key acquisition request sent by a second terminal. The key acquisition request includes a timestamp parameter and the file ID of the file to be decrypted. The key acquisition request is used to request a file key envelope matching the file to be decrypted. Based on the timestamp parameter and the file ID, the key management platform determines whether the key type corresponding to the file to be decrypted is a temporary encryption public key. If the key type is a temporary encryption public key, the key management platform determines whether the temporary encryption public key is an expired encryption public key. Furthermore, in response to the temporary encryption public key being an expired encryption public key, the key management platform refuses to provide the file key envelope to the second terminal.

[0272] Figure 14 This diagram illustrates yet another file-sharing process. Data interaction between a file-sharing application on a second terminal and a key management platform is performed to realize the file-sharing process of this embodiment. Figure 14 As shown, the file-sharing application includes a secure envelope module, an information query module, an account management module, a security component module, and a key management module. The key management platform can be a secure cloud platform composed of a computer cluster.

[0273] The security envelope module queries the account login status on the second terminal from the account management module. The account management module returns the currently logged-in account on the second terminal to the security envelope module as the query result. The security envelope module also queries the account cache information of the currently logged-in account from the account management module. The account management module returns the cached information to the security envelope module as the query result. The query result includes information such as the authentication token (ServiceToken), user unique identifier (UserID), and device unique identifier (DeviceID) associated with the currently logged-in account.

[0274] The secure envelope module imports the encrypted shared file and parses the file metadata to obtain the file ID, which is used to uniquely identify the encrypted shared file.

[0275] The secure envelope module queries the information query module for a signature key pair and encryption / decryption key pair that match the currently logged-in account. The information query module then queries the security component module for a key pair based on the alias. The security component module returns the query results to the information query module, indicating that a signature key pair and encryption / decryption key pair matching the currently logged-in account are stored locally. The information query module then returns the query results to the secure envelope module.

[0276] The secure envelope module queries the key management platform to see if a temporary key is stored in the cloud. The key management platform returns the query result to the secure envelope module, indicating that a temporary key is stored in the cloud.

[0277] The secure envelope module requests key data from the information query module, which in turn queries the security component module for public key data. The security component module then returns the public key data to the information query module, which includes a signature public key and an encryption public key matching the currently logged-in account. The information query module then transmits the public key data to the secure envelope module.

[0278] The secure envelope module requests the key management module to sign the signing public key and the encryption public key, and the key management module requests the secure envelope module to return the signed public key data.

[0279] The secure envelope module uploads key certificate data to the key management platform. This data includes signed public key data, the currently logged-in account, and device information for the second terminal. The key management platform verifies the signature information in the key certificate data. If the verification passes, the key management platform saves the key certificate data in its database and returns the operation result to the secure envelope module.

[0280] The key management platform checks whether temporary key pairs have expired at a preset frequency, and deletes them if they have expired.

[0281] The secure envelope module generates a key envelope request based on the file ID and sends it to the information query module. The information query module then sends the key envelope request to the key management module, requesting the key management module to sign the key envelope request using its signing private key. The key management module returns the signature data to the information query module, which then passes the signature data to the secure envelope module.

[0282] The secure envelope module sends a signed key envelope request to the key management platform to request a key envelope. The key management platform verifies the signature information in the key envelope request and determines whether the request is valid based on the file ID. If the request is valid, the key management platform encapsulates the temporary key and key envelope using the encrypted public key, and returns both the encapsulated temporary key and key envelope to the secure envelope module. The secure envelope module then performs subsequent file decryption operations based on the received key data.

[0283] It is understood that, in order to achieve the above-mentioned functions, electronic devices include hardware and / or software modules that perform the respective functions. Based on the algorithmic steps of the examples described in the embodiments disclosed herein, this application can be implemented in hardware or a combination of hardware and computer software. Whether a function is executed by hardware or by computer software driving hardware depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application in conjunction with the embodiments, but such implementation should not be considered beyond the scope of this application.

[0284] All relevant content of each step involved in the above method embodiments can be referenced from the functional description of the corresponding functional module, and will not be repeated here.

[0285] This embodiment also provides an electronic device, including: one or more processors, a memory, and one or more computer programs, wherein the one or more computer programs are stored in the memory, and when the computer programs are executed by the one or more processors, the electronic device performs the following steps: in response to the identification information of the user-selected sharer, sending the identification information to a key management platform; receiving an encryption public key returned by the key management platform that matches the identification information; encrypting the file to be shared using a randomly generated file key to obtain ciphertext of the sharer file; encrypting the file key using the encryption public key to obtain a file key envelope; in response to the access policy parameters generated for the file to be shared, generating a sharer file header and access policy data corresponding to the access policy parameters; and sending the file key envelope and access policy data to the key management platform, and sending the sharer file header and ciphertext of the sharer file to a second terminal corresponding to the sharer file through a third-party application.

[0286] This embodiment also provides a computer storage medium storing computer instructions. When the computer instructions are executed on an electronic device, the electronic device performs the aforementioned method steps to implement the file sharing method described above.

[0287] This embodiment also provides a computer program product that, when run on a computer, causes the computer to perform the aforementioned steps to implement the file sharing method described above.

[0288] In addition, embodiments of this application also provide an apparatus, which may specifically be a chip, component, or module. The apparatus may include a connected processor and a memory; wherein the memory is used to store computer execution instructions, and when the apparatus is running, the processor may execute the computer execution instructions stored in the memory to cause the chip to execute the file sharing methods in the above method embodiments.

[0289] In this embodiment, the electronic device, computer storage medium, computer program product or chip are all used to execute the corresponding method provided above. Therefore, the beneficial effects that can be achieved can be referred to the beneficial effects of the corresponding method provided above, and will not be repeated here.

[0290] Through the above description of the embodiments, those skilled in the art will understand that, for the sake of convenience and brevity, only the division of the above functional modules is used as an example. In actual applications, the above functions can be assigned to different functional modules as needed, that is, the internal structure of the device can be divided into different functional modules to complete all or part of the functions described above.

[0291] In the several embodiments provided in this application, it should be understood that the disclosed apparatus and methods can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; for instance, the division of modules or units is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another apparatus, or some features may be ignored or not executed. Furthermore, the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces; the indirect coupling or communication connection between apparatuses or units may be electrical, mechanical, or other forms.

[0292] The units described as separate components may or may not be physically separate. A component shown as a unit can be one or more physical units; that is, it can be located in one place or distributed in multiple different locations. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.

[0293] Furthermore, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit. The integrated unit can be implemented in hardware or as a software functional unit.

[0294] Any content in the various embodiments of this application, as well as any content in the same embodiment, can be freely combined. Any combination of the above content is within the scope of this application.

[0295] If the integrated unit is implemented as a software functional unit and sold or used as an independent product, it can be stored in a readable storage medium. Based on this understanding, the technical solutions of the embodiments of this application, in essence, or the parts that contribute to the prior art, or all or part of the technical solutions, can be embodied in the form of a software product. This software product is stored in a storage medium and includes several instructions to cause a device (which may be a microcontroller, chip, etc.) or processor to execute all or part of the steps of the methods of the various embodiments of this application. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.

[0296] The embodiments of this application have been described above with reference to the accompanying drawings. However, this application is not limited to the specific embodiments described above. The specific embodiments described above are merely illustrative and not restrictive. Those skilled in the art can make many other forms under the guidance of this application without departing from the spirit and scope of the claims, and all of these forms are within the protection scope of this application.

[0297] The steps of the methods or algorithms described in conjunction with the embodiments of this application can be implemented in hardware or by a processor executing software instructions. The software instructions can consist of corresponding software modules, which can be stored in random access memory (RAM), flash memory, read-only memory (ROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), registers, hard disks, portable hard disks, CD-ROMs, or any other form of storage medium well known in the art. One exemplary embodiment involves a storage medium coupled to a processor, enabling the processor to read information from and write information to the storage medium. Of course, the storage medium can also be a component of the processor. The processor and the storage medium can reside in an ASIC.

[0298] Those skilled in the art will recognize that the functions described in the embodiments of this application in one or more of the above examples can be implemented using hardware, software, firmware, or any combination thereof. When implemented using software, these functions can be stored in a computer-readable medium or transmitted as one or more instructions or code on a computer-readable medium. Computer-readable media include computer storage media and communication media, wherein communication media include any medium that facilitates the transfer of a computer program from one place to another. Storage media can be any available medium that can be accessed by a general-purpose or special-purpose computer.

[0299] The embodiments of this application have been described above with reference to the accompanying drawings. However, this application is not limited to the specific embodiments described above. The specific embodiments described above are merely illustrative and not restrictive. Those skilled in the art can make many other forms under the guidance of this application without departing from the spirit and scope of the claims, and all of these forms are within the protection scope of this application.

Claims

1. A file sharing method characterized by, Applied to a first terminal, the method includes: In response to the identifier information of the user-selected sharer, the identifier information is sent to the key management platform; Receive the encrypted public key that matches the identification information returned by the key management platform; The file to be shared is encrypted using a randomly generated file key to obtain the ciphertext of the shared file. The file key is encrypted using the public key to obtain a file key envelope; In response to access policy parameters generated for the file to be shared, a shared file header and access policy data corresponding to the access policy parameters are generated; wherein, the first terminal includes a file sharing application, which determines an access control identifier matching the file to be shared based on the access policy parameters; and the file sharing application constructs a shared file header containing the access control identifier, wherein the access control identifier is used to indicate the file access parameters that the second terminal needs to report when viewing the encrypted shared file; and The key management platform sends the file key envelope and the access policy data to the key management platform, and sends the shared file header and the shared file ciphertext to the second terminal corresponding to the shared user through a third-party application; wherein, in response to the access policy parameters for the shared file ciphertext being satisfied, the key management platform returns the file key envelope to the second terminal.

2. The method of claim 1, wherein, The file sharing application provides key management and encryption / decryption functions. The file sharing application and the key management platform interact through data to implement the file sharing method.

3. The method of claim 2, wherein, The method further includes: During file sharing, the file sharing application displays pending authorization policy parameters that match the file to be shared; and In response to a parameter-giving operation for the pending authorization policy parameters, the file-sharing application uses the given parameters as the access policy parameters generated for the file to be shared.

4. The method of claim 3, wherein, The file access parameters include at least one of the following parameters: timestamp parameter, location identification parameter, and terminal identification parameter.

5. The method of claim 1, wherein, The access policy parameters include at least one of the following parameters: file validity period, trusted access address, trusted access time, terminal restriction parameters, and access restriction number of times.

6. The method of claim 2, wherein, Sending the file key envelope and the access policy data to the key management platform includes: The file-sharing application packages the file key envelope and the access policy data to obtain the access control data for the file to be shared; and The file-sharing application uses a signing private key to sign the access control data and then sends the signed access control data to the key management platform.

7. The method of claim 2, wherein, Sending the shared file header and the shared file ciphertext to the second terminal corresponding to the recipient via a third-party application includes: The file-sharing application merges the shared file header and the shared file ciphertext to obtain a shared file package; and The file-sharing application sends the shared file package to the second terminal via a social platform or instant messaging software on the first terminal.

8. The method of claim 2, wherein, When a user uses the file-sharing application for the first time, the application automatically generates an encryption key pair and a signing key pair, and uploads the encryption public key and the signing public key to the key management platform.

9. The method of claim 1, wherein, The key management platform is a cloud service platform composed of a computer cluster.

10. The method of claim 1, wherein, The identification information includes an email address or mobile phone number.

11. A file sharing method characterized by, Applied to a second terminal, the second terminal including a file-sharing application, the method includes: In response to viewing a shared file packet sent by the first terminal through the file sharing application, the file sharing application parses the shared file header to obtain an access control identifier that matches the shared file ciphertext, wherein the shared file header and the shared file ciphertext constitute the shared file packet; When the access control identifier indicates that file access parameters need to be reported, the file sharing application obtains the file access parameters from the trusted execution environment of the second terminal; The file sharing application sends a key acquisition request to the key management platform. The key acquisition request carries the file access parameters and the identification information of the shared user. The file sharing application receives a file key envelope returned by the key management platform based on the file access parameters and the identification information; wherein, in response to the access policy parameters for the encrypted shared file being satisfied, the key management platform returns the file key envelope to the second terminal; The file-sharing application uses the decryption private key to decrypt the file key envelope to obtain the file key; and The file-sharing application uses the file key to decrypt the encrypted shared file, obtain the content of the shared file, and display it.

12. The method of claim 11, wherein, In response to viewing a shared file packet sent by the first terminal via the file-sharing application, the file-sharing application parses the shared file header, including: In response to a third-party application receiving the shared file package sent by the first terminal, an option to view the shared file package through the file-sharing application is displayed; and In response to a triggered action for the option, the file-sharing application parses the header of the shared file in the shared file package.

13. The method of claim 11, wherein, When the access control identifier indicates that file access parameters need to be reported, the file sharing application obtains the file access parameters from the trusted execution environment of the second terminal, including: When the access control identifier indicates that the file access parameters need to be reported, the file sharing application obtains the file access parameters, signed by the trusted execution environment, from the second terminal. The file access parameters include at least one of the following parameters: timestamp parameter, location identification parameter, and terminal identification parameter.

14. The method of claim 11, wherein, The method further includes: In response to completing the decryption operation on the shared file ciphertext, the file-sharing application clears the file key and the file key envelope.

15. The method according to claim 11, characterized in that, The method further includes: In response to detecting an operation to exit the file-sharing application, the file-sharing application clears the shared file content stored in memory.

16. A file sharing method characterized by, The method, applied to an end-to-end encryption system, comprising a first terminal, a second terminal, and a key management platform, includes: The first terminal sends the identification information of the user-selected sharer to the key management platform; The key management platform returns an encrypted public key that matches the identification information to the first terminal; The first terminal uses a randomly generated file key to encrypt the file to be shared, obtaining the ciphertext of the shared file, and uses the encryption public key to encrypt the file key, obtaining the file key envelope; In response to the access policy parameters generated for the file to be shared, the first terminal generates a shared file header and access policy data corresponding to the access policy parameters; wherein, the first terminal includes a file sharing application, which determines an access control identifier matching the file to be shared based on the access policy parameters; and the file sharing application constructs the shared file header containing the access control identifier, wherein the access control identifier is used to indicate the file access parameters that the second terminal needs to report when viewing the encrypted shared file; The first terminal sends the file key envelope and the access policy data to the key management platform, and sends a shared file package to the second terminal through a third-party application. The shared file package includes the shared file header and the shared file ciphertext. In response to the received shared file packet, the second terminal parses the shared file header to obtain an access control identifier that matches the encrypted shared file. When the access control identifier indicates that file access parameters need to be reported, the second terminal obtains the file access parameters from the trusted execution environment. The second terminal sends a key acquisition request to the key management platform, the key acquisition request carrying the file access parameters and the identification information of the sharer; The key management platform determines whether all access policy parameters for the shared encrypted file are satisfied based on the received file access parameters and the identification information. In response to the fact that all access policy parameters for the encrypted shared file are satisfied, the key management platform returns the file key envelope to the second terminal; The second terminal uses the decryption private key to decrypt the file key envelope to obtain the file key; and The second terminal uses the file key to decrypt the encrypted shared file, obtains the content of the shared file, and displays it.

17. The method of claim 16, wherein, The first terminal sends the file key envelope and the access policy data to the key management platform, including: The first terminal packages the file key envelope and the access policy data to obtain the access control data of the file to be shared; and The first terminal signs the access control data using a signing private key and sends the signed access control data to the key management platform.

18. The method of claim 17, wherein, The method further includes: In response to the received key acquisition request, the key management platform performs signature verification on the access control data using the signing public key matched with the sharer; and If the signature verification is successful, the key management platform parses the access control data to obtain the file key envelope and the access policy data.

19. The method of claim 16, wherein, The key management platform determines, based on the received file access parameters and the identification information, whether all access policy parameters for the shared file ciphertext are satisfied, including: Based on the received identification information, the key management platform determines whether the user of the second terminal is the target user for sharing the encrypted file. When the user of the second terminal is the target user for sharing, the key management platform determines whether the file access parameters meet the corresponding access policy parameters; and If the file access parameters satisfy the corresponding access policy parameters, the key management platform determines whether all other access policy parameters, except for the corresponding access policy parameters, are satisfied based on the received log data that matches the identification information.

20. The method according to claim 19, characterized in that, The file access parameters include at least one of the following parameters: timestamp parameter, location identification parameter, and terminal identification parameter; and The access policy parameters include at least one of the following parameters: file validity period, trusted access address, trusted access time, terminal restriction parameters, and access restriction number of times.

21. The method of claim 20, wherein, The key management platform determines whether the file access parameters meet the corresponding access policy parameters, including at least one of the following: Based on the timestamp parameter, determine whether the time when the second terminal requests to view the encrypted shared file meets the file validity period and / or the trusted access time; Based on the location identification parameters, determine whether the address where the second terminal requests to view the encrypted shared file is the trusted access address; as well as Based on the terminal identification parameters, determine whether the second terminal meets the terminal restriction parameters.

22. An electronic device, comprising: include: One or more processors, memory, and one or more computer programs, wherein the one or more computer programs are stored in the memory, and when the computer programs are executed by the one or more processors, cause the electronic device to perform the following steps: In response to the identifier information of the user-selected sharer, the identifier information is sent to the key management platform; Receive the encrypted public key that matches the identification information returned by the key management platform; The file to be shared is encrypted using a randomly generated file key to obtain the ciphertext of the shared file. The file key is encrypted using the public key to obtain a file key envelope; In response to access policy parameters generated for the file to be shared, a shared file header and access policy data corresponding to the access policy parameters are generated; wherein, the first terminal includes a file sharing application, which determines an access control identifier matching the file to be shared based on the access policy parameters; and the file sharing application constructs the shared file header containing the access control identifier, wherein the access control identifier is used to indicate the file access parameters that the second terminal needs to report when viewing the encrypted shared file; and The key management platform sends the file key envelope and the access policy data to the key management platform, and sends the shared file header and the shared file ciphertext to the second terminal corresponding to the shared user through a third-party application; wherein, in response to the access policy parameters for the shared file ciphertext being satisfied, the key management platform returns the file key envelope to the second terminal.

23. An electronic device, comprising: include: One or more processors, memory, a file-sharing application, and one or more computer programs, wherein the one or more computer programs are stored on the memory, and when the computer programs are executed by the one or more processors, the electronic device causes the following steps to be performed: In response to viewing a shared file packet sent by the first terminal through the file sharing application, the file sharing application parses the shared file header to obtain an access control identifier that matches the shared file ciphertext, wherein the shared file header and the shared file ciphertext constitute the shared file packet; When the access control identifier indicates that file access parameters need to be reported, the file sharing application obtains the file access parameters from the trusted execution environment of the second terminal; The file sharing application sends a key acquisition request to the key management platform. The key acquisition request carries the file access parameters and the identification information of the shared user. The file sharing application receives a file key envelope returned by the key management platform based on the file access parameters and the identification information; wherein, in response to the access policy parameters for the encrypted shared file being satisfied, the key management platform returns the file key envelope to the second terminal; The file-sharing application uses the decryption private key to decrypt the file key envelope to obtain the file key; and The file-sharing application uses the file key to decrypt the encrypted shared file, obtain the content of the shared file, and display it.

24. A computer-readable storage medium, characterized in that, Includes a computer program that, when run on an electronic device, causes the electronic device to perform the file sharing method as described in any one of claims 1 to 21.