Breaking News

SAMA Launches Exclusive Amazon Prime Day Deals on Flagship PC Cases and AIO Cooler Lineup Transcend Launches Ultra-Fast PCIe Gen5 SSD MTE260S Power Your World with DJI's New Portable Power Station Power 2000 G.SKILL CAMM2 DDR5 Memory Module Demonstrates DDR5-10000 Overclock Speed on ASUS Z890 Motherboard JCB Phone Launches New Rugged Smartphone Range to Power Global Expansion

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Google Introduces the 'Adiantum' Encryption for Low-end Android Smartphones

Google Introduces the 'Adiantum' Encryption for Low-end Android Smartphones

Smartphones Feb 8,2019 0

Google has designed a new encryption mode called Adiantum, an alternative to Advanced Encryption Standard (AES) for entry-level Android Go phones.

Today, Android offers storage encryption using the Advanced Encryption Standard (AES). Most new Android devices have hardware support for AES via the ARMv8 Cryptography Extensions. However, Android runs on a wide range of devices. This includes not just the latest flagship and mid-range phones, but also entry-level Android Go phones sold primarily in developing countries, along with smart watches and TVs. In order to offer low cost options, device manufacturers sometimes use low-end processors such as the ARM Cortex-A7, which does not have hardware support for AES. On these devices, AES is so slow that it would result in a poor user experience.

In HTTPS encryption, this is a solved problem. The ChaCha20 stream cipher is much faster than AES when hardware acceleration is unavailable, while also being extremely secure. It is fast because it exclusively relies on operations that all CPUs natively support: additions, rotations, and XORs.

For this reason, in 2014 Google selected ChaCha20 along with the Poly1305 authenticator, which is also fast in software, for a new TLS cipher suite to secure HTTPS internet connections. ChaCha20-Poly1305 has been standardized as RFC7539, and it improves HTTPS performance on devices that lack AES instructions.

However, disk and file encryption present a special challenge. Data on storage devices is organized into "sectors" which today are typically 4096 bytes. When the filesystem makes a request to the device to read or write a sector, the encryption layer intercepts that request and converts between plaintext and ciphertext. This means that Google has to convert between a 4096-byte plaintext and a 4096-byte ciphertext. But to use RFC7539, the ciphertext must be slightly larger than the plaintext; a little space is needed for the cryptographic nonce and message integrity information. There are software techniques for finding places to store this extra information, but they reduce efficiency and can impose significant complexity on filesystem design. Where AES is used, the conventional solution for disk encryption is to use the XTS or CBC-ESSIV modes of operation, which are length-preserving.

Adiantum allows us to use the ChaCha stream cipher in a length-preserving mode, by adapting ideas from AES-based proposals for length-preserving encryption such as HCTR and HCH. On ARM Cortex-A7, Adiantum encryption and decryption on 4096-byte sectors is about 10.6 cycles per byte, around 5x faster than AES-256-XTS, according to Paul Crowley and Eric Biggers, members of the Android Security & Privacy Team.

Android engineers have published a paper to prove that Adiantum has good security properties, under the assumption that ChaCha12 and AES-256 are secure. The paper entitled "Adiantum: length-preserving encryption for entry-level processors in IACR Transactions on Symmetric Cryptology" will be presented at the Fast Software Encryption conference (FSE 2019) in March.

Generic and ARM-optimized implementations of Adiantum are available in the Android common kernels v4.9 and higher, and in the mainline Linux kernel v5.0 and higher. Reference code, test vectors, and a benchmarking suite are available at https://github.com/google/adiantum.

Android device manufacturers can enable Adiantum for either full-disk or file-based encryption on devices with AES performance <= 50 MiB/sec and launching with Android Pie. Where hardware support for AES exists, AES is faster than Adiantum; AES must still be used where its performance is above 50 MiB/s.

In Android Q, Adiantum will be part of the Android platform, and Google intends to update the Android Compatibility Definition Document (CDD) to require that all new Android devices be encrypted using one of the allowed encryption algorithms.

Tags: encryptionandroid
Previous Post
Samsung to Unveil Galaxy Buds, Gear Icon X, Galaxy Fit and Galaxy Sport in February's Unpacked Event
Next Post
Apple iOS 12.1.4 Update Fixes FaceTime Eavesdropping Flaw

Related Posts

  • What’s new in Android 15, plus more updates

  • Connecting all things Android at MWC Barcelona

  • New features for businesses in Android 13

  • Lucky number Android 13: The latest features and updates

  • What’s beta than Android 13?

  • HLDS UD Station DVDRW (Preview)

  • SK Telecom and Samsung Unveil the First QRNG-Powered 5G Smartphone

  • Android Gets a New Keyboard for Typing Braille

Latest News

SAMA Launches Exclusive Amazon Prime Day Deals on Flagship PC Cases and AIO Cooler Lineup
Cooling Systems

SAMA Launches Exclusive Amazon Prime Day Deals on Flagship PC Cases and AIO Cooler Lineup

Transcend Launches Ultra-Fast PCIe Gen5 SSD MTE260S
PC components

Transcend Launches Ultra-Fast PCIe Gen5 SSD MTE260S

Power Your World with DJI's New Portable Power Station Power 2000
Consumer Electronics

Power Your World with DJI's New Portable Power Station Power 2000

G.SKILL CAMM2 DDR5 Memory Module Demonstrates DDR5-10000 Overclock Speed on ASUS Z890 Motherboard
PC components

G.SKILL CAMM2 DDR5 Memory Module Demonstrates DDR5-10000 Overclock Speed on ASUS Z890 Motherboard

JCB Phone Launches New Rugged Smartphone Range to Power Global Expansion
Smartphones

JCB Phone Launches New Rugged Smartphone Range to Power Global Expansion

Popular Reviews

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

Arctic Liquid Freezer III 420 - 360

Arctic Liquid Freezer III 420 - 360

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Soundpeats Pop Clip

Soundpeats Pop Clip

Noctua NH-D15 G2

Noctua NH-D15 G2

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Crucial T705 2TB NVME White

Crucial T705 2TB NVME White

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed