Building shareable links for encrypted albums

February 24, 2022
vishnu@ente.io

Context

Ente is a photo storage service that employs client-side encryption to secure your data.

A few weeks ago we shipped a feature to share links to your albums that can be viewed by family and friends who are not on Ente.

These links are accessible on both mobile and desktop, and remain end-to-end encrypted.

What follows is an overview of this system's design.

Key Terms

Access Token

When your client requests to create a link for an album, our server generates a unique string and stores it against that album as its accessToken.

This accessToken is used from there on to authenticate requests from a receiver to access this album along with the files in it.

Album Key

Each of your files is encrypted with its own key. These file keys are then stored on our servers after being encrypted with the parent album's key.

This key, which can be used to decrypt the contents of the album and, indirectly, the files within it, is referred to as the albumKey.

More documentation about our envelope encryption is available here: ente.io/architecture/#file-encryption

Flows

Shareable links
Sharing

When a client requests to create a shareable link, our server generates an accessToken for the album and returns it to the client.

The client then combines this accessToken with a base58-encoded representation of the albumKey, forming a URL that contains all the information necessary to access and decrypt the contents of the album.

The resulting URL would look like: https://albums.ente.io/{accessToken}#{albumKey}.

Note: To ensure that the album remains end-to-end encrypted, the albumKey is placed in the URL fragment (the part that follows the #). URL fragments are client-side-only information that browsers never send to servers.
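The link format described above, as an added example that is not Ente's own code: the sender builds https://albums.ente.io/{accessToken}#{base58(albumKey)}, and the receiver splits it back into the token the server sees and the key that stays in the browser. Only the host name comes from this post; the base58 codec, the sample token and the sample key are constructed here.

```javascript
// Bitcoin-style base58 alphabet (no 0, O, I, l); leading zero bytes become leading '1's.
const ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';

function base58Encode(bytes) {
  let n = 0n;
  for (const b of bytes) n = n * 256n + BigInt(b);
  let out = '';
  while (n > 0n) { out = ALPHABET[Number(n % 58n)] + out; n /= 58n; }
  let zeros = 0;
  while (zeros < bytes.length && bytes[zeros] === 0) zeros++;
  return '1'.repeat(zeros) + out;
}

function base58Decode(str) {
  let n = 0n;
  for (const c of str) {
    const i = ALPHABET.indexOf(c);
    if (i < 0) throw new Error(`invalid base58 character: ${c}`);
    n = n * 58n + BigInt(i);
  }
  const out = [];
  while (n > 0n) { out.unshift(Number(n % 256n)); n /= 256n; }
  let zeros = 0;
  while (zeros < str.length && str[zeros] === '1') zeros++;
  return new Uint8Array([...new Array(zeros).fill(0), ...out]);
}

// Sender side: the server-issued accessToken goes in the path, the albumKey only in the fragment.
function buildShareLink(accessToken, albumKey) {
  return `https://albums.ente.io/${encodeURIComponent(accessToken)}#${base58Encode(albumKey)}`;
}

// Receiver side: recover the token and key, and show what an HTTP request for this URL carries
// (origin + path + query); the fragment is never part of the request line.
function parseShareLink(link) {
  const url = new URL(link);
  const accessToken = decodeURIComponent(url.pathname.slice(1));
  const albumKey = base58Decode(url.hash.slice(1));
  const sentToServer = url.origin + url.pathname + url.search;
  return { accessToken, albumKey, sentToServer };
}

// Constructed sample: a placeholder token and a 32-byte key whose first byte is zero,
// which exercises the leading-'1' rule of base58.
const sampleKey = Uint8Array.from({ length: 32 }, (_, i) => i);
const sampleLink = buildShareLink('exampleToken123', sampleKey);
```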

Receiving

The server exposes a differential fetching API that returns the details of files that have been added/updated/removed since a specific timestamp.

The client fetches and caches this response, to ensure a good user experience for large albums.

The encrypted fields within this response (like the album name and file keys) can be decrypted using the albumKey present in the URL fragment. The decrypted file keys are then used to decrypt the individual file and thumbnail blobs. These decrypted blobs are finally rendered in a responsive gallery reusing components from our web client.

Abuse Mitigation

We deliberated for more time than we would like to admit on our abuse mitigation strategies. For now,

  • Only paid customers can share links to their albums.
  • Albums can be viewed on at most 50 devices (apart from the one linked below).
  • People who have access to an album can report the content for abuse here.

We will listen to customer feedback and iterate on these.

Closing Notes

This was the most upvoted feature on our roadmap and we are happy to have shipped it. There are more improvements planned, which are discussed in the launch post.

Thank you for reading this far!

Here are some photos we clicked at our team outing the last year: albums.ente.io/?t=CsuRcc4k#4mXoniwdpWxnLQ9cFXWPJxy93YEh7wttNf9emc7ucmEZ