Security breach by security breach, data leak by data leak, digital privacy is becoming a household phrase, but for many people, putting a four-digit passcode on their smart phone is the extent of their security measures. Just this week, researchers from Brown University's Department of Computer Science (Brown CS) have helped users of all kinds significantly improve their privacy in the digital world by targeting one of its most popular components: cloud photo storage. Professor Seny Kamara, Postdoctoral Researcher Tarik Moataz, and Brown CS alum Martin Zhu have just released Pixek, a new app that uses structured encryption to provide a simple solution for keeping our photos private while in the cloud.
"My sense is that photos are this special case," Seny says, "where people have to use the cloud because the sentimental value is too high to risk losing them and the storage costs are too large. And they give up privacy because of it."
Pixek protects users by offering encryption for the entire life cycle of a photo: when you take a photo on your smart device, the app immediately encrypts it, generating a key that only exists on your device, and then the photo is stored in encrypted form on Pixek's servers. Because the key stays only on your hardware, it remains encrypted and inaccessible to anyone else.
So now you have a hundred, a thousand, ten thousand encrypted photos. But what's the use of encryption if you can't securely search them without giving up privacy once again? Pixek solves this problem by using a technique known as structured encryption, which allows search functions to be performed without the system understanding the work that's being done.
Here's how it happens: Pixek automatically uses machine learning analysis to recognize objects and elements in your photos, then generates a series of tags that are encrypted alongside the photos. When you search for "cat" or any other tag, Pixek uses your unique key to encrypt the search and generates a unique token to unlock relevant photos. Without the token, it's impossible to replicate the same search, and because the token isn't stored on servers, you retain control.
"People today know what end-to-end encryption is," Seny says. "They're starting to have an expectation that their apps are end-to-end encrypted. At some point people will expect that their photos will be end-to-end encrypted, too."
Pixek is only being distributed in its alpha version on Android at the moment, but a public beta will appear in the months ahead and an iOS version will follow. It's already received considerable attention worldwide, from an article in WIRED to a feature on CBC Radio and a BoingBoing post. You can also watch a video of Seny talking about building and deploying encrypted search systems at the Real World Crypto conference.
For more information, please click the link that follows to contact Brown CS Communication Outreach Specialist Jesse C. Polhemus.