0

It has long been known that encryption is expensive, as it causes performance issues, especially for low-end devices that don’t have hardware support for making the encryption and decryption process faster.

Since data security concerns have recently become very important, not using encryption is no more a wise tradeoff, and at the same time, using a secure but slow device on which apps take much longer to launch is also not a great idea.

Currently Android OS supports AES-128-CBC-ESSIV for full-disk encryption and AES-256-XTS for file-based encryption, and Google has already made it mandatory for device manufacturers to include AES encryption on most devices shipped with Android 6.0 or later.

However, unfortunately, many low-end and other connected devices today available in the market are exempted from using encryption because of poor AES performance (50 MiB/s and below).

Adiantum: Fast Local Storage Encryption for Every Device

To solve this issue, Google has once again stepped forward, this time with “Adiantum,” a new form of efficient storage encryption that has been designed to protect local data without slowing down devices that don’t support hardware-accelerated cryptography.

“Adiantum allows us to use the ChaCha stream cipher in a length-preserving mode, by adapting ideas from AES-based proposals for length-preserving encryption such as HCTR and HCH,” Google said.

“On ARM Cortex-A7, Adiantum encryption and decryption on 4096-byte sectors is about 10.6 cycles per byte, around 5x faster than AES-256-XTS.”

For those unaware, the ChaCha stream cipher is extremely secure and much faster than Advanced Encryption Standard (AES) when hardware acceleration is unavailable, as it exclusively relies on operations that all CPUs natively support—additions, rotations, and XORs.

According to Google, Adiantum has primarily been designed to become the next widely accepted alternative that offers maximum security along with sufficient performance on lower-end ARM processors.

“Our hope is that Adiantum will democratize encryption for all devices,” Eugene Liderman, Director of Mobile Security Strategy at Android Security and Privacy Team says. “Just like you would not buy a phone without text messaging, there’ll be no excuse for compromising security for the sake of device performance.”

adiantum file encryption

With Adiantum, Google is looking forward to making the next generation of phones and smart devices more secure than their predecessors by allowing everything—from smartwatches to Internet-connected medical devices—to encrypt users’ sensitive data without compromising on the performance.

For more technical details about Adiantum and how it works, you can head on to the Google Security blog post and a white paper (PDF and GitHub) published by the company with more information.

Dawood Khan
Founder and Editor-in-Chief of 'Hack Hex,' Information Security professional, developer, whitehat hacker and an amateur guitarist.

Comments

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may also like