What's the attack model under which this is better than what Google Photos does?
- You still have to give the people who access the photos the key, they can share it (just like the secret link)
- By entering it on the site, they also implicitly share it with the hosting provider (who morally shouldn't grab it, but that's not a security guarantee).
One attack model is the one described in the article, that the links leaks to someone where it shouldn't be. In that case, an encryption key that is set to expire[1], would limit the scope of that leak. Of course, if someone would screenshot the image it could be too late, so the attack model does not include people that know the key will expire...
Your approach isn't solving any problems, but adds to confusion. Keep in mind Google Photos is a consumer product meant to be used by everyone between tech savvy teenagers and your grandmother.
What verifier? The scenario here is embedding an encrypted blob inside a static web page, and having the user input a key to decrypt inside their browser, right?
If you're going to have a server checking anything, you're on a whole different wavelength than this scheme. Why even use encryption at that point?
