- Google announces Adiantum encryption for low-powered devices.
- It will be used for less-powerful devices like phones, TVs and smartwatches.
- Adiantum is named after the genus of the maidenhair fern.

February 5 was Safer Internet Day, and Google decided to make privacy and security a week-long affair with the announcement of new tools and services. The company has now announced Adiantum, a new form of encryption built for less powerful devices such as entry-level smartphones and other smart devices like TVs and smartwatches. The new method is said to be designed so that no specialised hardware is needed to encrypt locally stored data efficiently. “Adiantum is an innovation in cryptography designed to make storage encryption more efficient for devices without cryptographic acceleration, to ensure that all devices can be encrypted.”
Most smartphones today support storage encryption using the Advanced Encryption Standard (AES), which is hardware-accelerated on them through the ARMv8 Cryptography Extensions. As mentioned above, the new encryption method is targeted at low-powered devices, some of which run on the ARM Cortex-A7, which has no built-in hardware support for AES. “On these devices, AES is so slow that it would result in a poor user experience; apps would take much longer to launch, and the device would generally feel much slower. So while storage encryption has been required for most devices since Android 6.0 in 2015, devices with poor AES performance (50 MiB/s and below) are exempt. We've been working to change this because we believe that encryption is for everyone,” Google states in a blog post.
The new encryption method is said to help make the next generation of devices more secure than their predecessors and “allow the next billion people coming online for the first time to do so safely”. The new algorithm uses the ChaCha stream cipher in a length-preserving mode. The ChaCha stream cipher is used in HTTPS encryption and is considerably faster than AES when hardware-based acceleration is not available. Along with the stream cipher, Adiantum also takes cues from AES-based proposals for length-preserving encryption.