These days everyone, it seems, likes to share the photos of their wedding day, drunken cavortings or maybe just their lunch with others online. It's the type of openness that some worry presents a threat to people's privacy that too few users recognise.
Now a group of computer scientists at the University of Southern California think they have a solution. They call it P3, an algorithm for privacy-preserving photo sharing.
Most users of sites such as Flickr or Facebook will be aware that their job prospects might be harmed if they post compromising pictures online. Many do so anyway, while others tinker with their privacy settings.
But that still leaves users at risk from what is termed fusking – an attempt to reverse engineer the URLs of shared photos that can bypass privacy settings, warns Moo-Ryong Ra and his colleagues at the University of Southern California.
Users of photo sharing sites may also have their privacy undermined through the use of facial recognition technology, which may be able to infer information about users that they don't wish to share. That could be something as simple as their attendance at a party when they were supposed to be ill, or in more authoritarian states, consorting with dissidents.
“Despite these privacy threats, it is not clear that the usage of photo sharing services will diminish in the near future,” the researchers note.
One possible solution for privacy-concerned users would be to encrypt the photos they share. But as Ra and his colleagues point out, encrypted photos cannot scaled easily online, as the end result is not a jpg-compliant file. Services such as Facebook have sought to prevent the uploading of encrypted files.
So to help users maintain privacy, they developed the P3 algorithm. It splits photos into public and secret components.
The public component contain the vast majority of an image's bytes, and is also compatible with the jpg standard, thereby ensuring the photo can be scaled, cropped or otherwise adjusted by the online sharing service.
But the secret component of the photo is encrypted, and used to obfuscate the image that appears online. Anyone the user wishes to share the photo with can be given a key, enabling them to make sense of the images, while ensuring unwanted intruders cannot.
In tests, using a Samsung Galaxy S3 handset, the group were able to extract a 720x720 image (the largest resolution served by Facebook) into public and private parts in 152 milliseconds. It took on average 55 milliseconds to encrypt and decrypt the secret part, and 191 milliseconds to reconstruct the image.
Of course, like many privacy preserving technologies, it's not difficult to see how the end result could be used by those with less-than-pleasant intensions, such as distributors of extreme pornography. However, it's to be hoped that the benefits outweigh the down side.
The research will be presented the Symposium on Networked Systems Design and Implementation in Lombard, Illinois in April.
Russell Group slammed for misusing student data in donation campaigns
Linus Torvalds is unhappy with current approaches to Linux security
Bug prevents ASLR from randomising location of important data
Organisations will work together on research projects to benefit UK business