Ooooh, interesting.
Having read TFA now, I think I get what they’re doing
- locally generate meta tags
- upload encrypted photo
- upload encrypted mapping of meta tags to photos
So, the meta tags aren’t encrypted, but the links between a user’s photos and any meta tags they match, are.
Not entirely clear whether the user’s searches are done on the ciphertext, or the key is uploaded to allow links to be decrypted for search…
