Password protect
your photos online.

Upload protected photos to existing social media.
Use the Chrome extension to reveal images in place.
+ Install Chrome Extension

What is Cryptagram?

Cryptagram enhances online photo privacy by adding password protection to JPEG images. Cryptagram takes regular images as input and outputs JPEG images that look like random noise. With a browser extension and the correct password, the original images are revealed. Images are decoded in-place to maintain the user experience of social media but these cleartext images reside temporarily in the browser, not on a remote server. The protocol is designed to be robust to the levels of JPEG compression on social networks so images will not be corrupted upon upload. Cryptagram is an end-to-end solution. No third-party site ever sees your original image or the password.

Demo

Can you find the secret puppy?

  1) Install the Chrome Extension then reload this tab.
  2) Right-click this image and select Decrypt Image.
  3) When asked for a password enter:  cryptagram

More demo images:

  Facebook #1 Google+ #1 - password: cat
  Facebook #2 Google+ #2 - password: cryptagram

After installation, you should see the Cryptagram icon on the right of your Chrome address bar. Here you can access settings or jump to the encoder.


Why

When users upload images to social media sites without a full understanding of the privacy settings, images may be shared inappropriately with friends, acquaintances, or strangers. Or a social network may fail to correctly implement its stated privacy policies. Cryptagram provides a direct way for people to take additional precautions with their private photo collections. We hope this project will promote dialog between users and social networks about photo privacy and the ownership of user-generated media content.

How does it work?

Image data is converted into base-64 which is then encrypted using AES block cipher, as implemented by SJCL. The resulting encrypted base-64 data is written to a JPEG with a scheme that uses 2x2 pixel blocks to represent an octal (base-8) number. Octal values are represented as shades in the luminance (Y) channel of the YCbCr colorspace. Cryptagram images can withstand JPEG compression down to approximately 72% quality (using standard libjpeg/libjpeg-turbo codecs) before the decoder fails. As JPEG quality decreases, eventually some base-8 values will become corrupted making decryption impossible without error correction.


About

Cryptagram was conceived of and created by Ian Spiro and Matt Tierney, inspired by discussions with Helen Nissenbaum and other members of the Privacy Research Group at NYU. Other contributors include: Chris Bregler, Lakshmi Subramanian, Alex Rubinsteyn, and David Iserovich.

The code is open source and available on GitHub.

If you have any questions or suggestions about the project, please send us email.