So, I’ve had a bit of a stupid idea for my next programming project, which would be implementing a Microsoft Recall alternative for Linux where the data is encrypted. I’ve now written a bit of code and have come to the point where I’d need to encrypt the files. My plan was to use asymmetric encryption where the secret key is again encrypted using something like AES and the user needs to decrypt the private key to view the screenshots taken / data extracted from the screenshots.
I have now learned that asymmetric encryption is very slow and it’s generally not designed to encrypt large chunks of data, so I’m not sure how to continue. Do you think asymmetric encryption is feasible for this? Any idea how else to do the encryption? Ideally I would like for the server that takes the screenshots to not have a key that can decrypt the files since that wouldn’t be as secure.
I think your terminology is off. AES is an example of symmetric encryption: Decryption requires the same key as encryption.
An example of asymmetric encryption would be public-key cryptography: You encrypt a message with the public key, but only a private key can decrypt the result.
AES should be fine for encrypting large blocks of data.
I believe that for systems like TLS, asymmetric encryption is only used briefly to negotiate a symmetric key between client and server.
Have in mind most image processing is done with lowered resolutions for getting more speed. So consider having a downscale parameterized as : image reduction ratio, and method (average, anti aliasing, or just use one of the pixels and discard the others)