A new study from U.S. computer scientists reveals what may be the first way to encrypt personal images on popular cloud photo services, all without requiring any changes to, or trust in, those services. Smartphones now make it easy for virtually everyone to snap photos. Because smartphones hold a limited amount of data and are vulnerable to accidental loss and damage, many users store their images online via cloud photo services. Google Photos is especially popular, with more than a billion users.
However, these online photo collections are not just valuable to their owners, but to attackers seeking to unearth a gold mine of personal data. Security measures such as passwords and two-factor authentication may not be enough to protect these images anymore, as the online services storing these photos can themselves sometimes be the problem.
A potential solution to this problem would be to encrypt the photos so no one but the proper users can view them. However, cloud photo services are currently not compatible with existing encryption techniques.
Hence, U.S. engineering researchers have created a way for mobile users to enjoy popular cloud photo services while protecting their photos. The system encrypts photos uploaded to cloud services so that neither attackers nor the cloud services themselves can decipher them. At the same time, users can visually browse and display these images as if they were not encrypted. Even if the account is hacked, attackers cannot get the photos because they are encrypted.
The system employs an image encryption algorithm whose resulting files can be compressed and are still recognised as images, albeit ones that look like black-and-white static to anyone except authorised users. In addition, the system works for both lossy and lossless image formats such as JPEG and PNG and is efficient enough for use on mobile devices. Encrypting each image results in three black-and-white files, each one encoding details about the original image’s red, green, or blue data.
Moreover, the system creates and uploads encrypted thumbnail images to cloud photo services. Authorised users can quickly and easily browse thumbnail galleries using image browsers that incorporate the system. The system adds an extra layer of protection beyond password-based account security. The goal is to make it so that only the owners’ devices can see their sensitive photos.
The researchers wanted to make sure that each user could use multiple devices to access their online photos if desired. The problem is that the digital code, or key, used to encrypt a photo has to be the same one used to decrypt it. Users often do not understand keys, and requiring them to move keys from one device to another is too complicated. They may also copy the key the wrong way and inadvertently give everyone access to their encrypted data.
Therefore, the computer scientists developed an easy-to-use way to manage these keys that eliminates the need for users to know or care about them. All a user has to do to help a new device access the encrypted photos is to verify it with another device on which they have already installed and logged into the system-enabled app. This makes it possible for multiple trusted devices to still view encrypted photos.
The lead researcher said that right now is the beginning of a major technological boom in which even average users move towards storing all their data in the cloud. This comes with great privacy concerns that have only recently started rearing their ugly heads, such as the increasing number of discovered cases of cloud service employees looking at private user data. Users should have an option to protect the data that they think is really important in these popular services, and this new system is just one practical solution for this.