Google Has Launched Adiantum, a New Encryption Algorithm

Date: 10 Feb 2019 Category : | Author: Graham Penrose

The Hacker News are reporting that Google are launching a new and faster storage encryption algorithm intended to encrypt locally stored data more efficiently on low end devices – certain mobile phones and many types of smart IoT devices – that do not have the hardware to implement existing more processor hungry encryption methods.

Encryption can be expensive and causes performance issues, especially for low-end devices that don’t have hardware support for making the encryption and decryption process faster. Since data security concerns have recently become very important, not using encryption is no more a wise tradeoff, and at the same time, using a secure but slow device on which apps take much longer to launch is also not an option.

Currently Android OS supports AES-128-CBC-ESSIV for full-disk encryption and AES-256-XTS for file-based encryption, and Google has already made it mandatory for device manufacturers to include AES encryption on most devices shipped with Android 6.0 or later. But many low-end and other connected devices today available in the market are exempted from using encryption because of poor AES performance (50 MiB/s and below).

Adiantum

To solve this issue, Google has once again stepped forward, this time with “Adiantum,” a new form of efficient storage encryption that has been designed to protect local data without slowing down devices that don’t support hardware-accelerated cryptography.

“Adiantum allows us to use the ChaCha stream cipher in a length-preserving mode, by adapting ideas from AES-based proposals for length-preserving encryption such as HCTR and HCH,” Google said.”On ARM Cortex-A7, Adiantum encryption and decryption on 4096-byte sectors is about 10.6 cycles per byte, around 5x faster than AES-256-XTS.”

For those unaware, the ChaCha stream cipher is extremely secure and much faster than Advanced Encryption Standard (AES) when hardware acceleration is unavailable, as it exclusively relies on operations that all CPUs natively support—additions, rotations, and XORs.

According to Google, Adiantum has primarily been designed to become the next widely accepted alternative that offers maximum security along with sufficient performance on lower-end ARM processors.

“Our hope is that Adiantum will democratize encryption for all devices,” Eugene Liderman, Director of Mobile Security Strategy at Android Security and Privacy Team says. “Just like you would not buy a phone without text messaging, there’ll be no excuse for compromising security for the sake of device performance.”

For more technical details about Adiantum and how it works, you can head on to the Google Security blog post and a white paper (PDF and GitHub) published by the company with more information.

Share this page:








Subscribe to our newsletter

Get the latest CommsLock news, product offering & free downloads right in your inbox


Do you accept our Privacy Policy?