Google's Adiantum aims to bring encryption to low-end smartphones and devices
The concept will solve one of the biggest Android problems: running AES on devices with less than 1GB RAM
Google has unveiled its latest security measure, this time to protect lower-end devices with sufficient encryption to scramble personal data.
Known as Adiantum, the technology will work on devices that don't have the processing power to run storage encryption using Advanced Encryption Standard (AES). Such devices could be low-end smartphones, tablets, smart watches or IoT devices running on Android without the processing power of more expensive models.
Although AES encryption support is a requirement for Android devices nowadays, it's just not possible to run the security protocol on smartphones that have less than 1GB of RAM, such as those equipped with the ARM Cortex-A7. It would take up too much processing power to encrypt on the fly and result in a sluggish performance all-round.
Adiantum flips the whole concept of AES on its head. It uses HTTPS encryption via ChaCha20 stream cipher and Poly1305 Authenticator to develop a new suite of resources to encrypt data without affecting the performance of handsets with less than 1GB RAM. Using the ChaCha20 stream cipher with length-preserving encryption significantly speeds up the encryption process, with 10.6 cycles per byte on 4096-byte sectors, around 5x faster than AES-256-XTS.
"Our hope is that Adiantum will democratize encryption for all devices," Eugene Liderman, director of mobile security strategy for Google's Android security & privacy team said in a blog post. "Just like you wouldn't buy a phone without text messaging, there will be no excuse for compromising security for the sake of device performance. Everyone should have privacy and security, regardless of their phone's price tag."
Consumer choice and the payment experience
A software provider's guide to getting, growing, and keeping customersDownload now
Prevent fraud and phishing attacks with DMARC
How to use domain-based message authentication, reporting, and conformance for email securityDownload now
Business in the new economy landscape
How we coped with 2020 and looking ahead to a brighter 2021Download now
How to increase cyber resilience within your organisation
Cyber resilience for dummiesDownload now