Google's Adiantum aims to bring encryption to low-end smartphones and devices
The concept will solve one of the biggest Android problems: running AES on devices with less than 1GB RAM
Google has unveiled its latest security measure, this time to protect lower-end devices with sufficient encryption to scramble personal data.
Known as Adiantum, the technology will work on devices that don't have the processing power to run storage encryption using Advanced Encryption Standard (AES). Such devices could be low-end smartphones, tablets, smart watches or IoT devices running on Android without the processing power of more expensive models.
Although AES encryption support is a requirement for Android devices nowadays, it's just not possible to run the security protocol on smartphones that have less than 1GB of RAM, such as those equipped with the ARM Cortex-A7. It would take up too much processing power to encrypt on the fly and result in a sluggish performance all-round.
Adiantum flips the whole concept of AES on its head. It uses HTTPS encryption via ChaCha20 stream cipher and Poly1305 Authenticator to develop a new suite of resources to encrypt data without affecting the performance of handsets with less than 1GB RAM. Using the ChaCha20 stream cipher with length-preserving encryption significantly speeds up the encryption process, with 10.6 cycles per byte on 4096-byte sectors, around 5x faster than AES-256-XTS.
"Our hope is that Adiantum will democratize encryption for all devices," Eugene Liderman, director of mobile security strategy for Google's Android security & privacy team said in a blog post. "Just like you wouldn't buy a phone without text messaging, there will be no excuse for compromising security for the sake of device performance. Everyone should have privacy and security, regardless of their phone's price tag."
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now