Android operating system is great, as it is more open and flexible than competitor iOS from Apple. But when it comes to security, the answer is not so great.
One of which, is encryption. This method of securing data by making them unreadable to the unauthorized is becoming increasingly important as people store more and more data on their phones.
But here's the thing: encryption is complex, as there are a lot of calculations involved.
For a phone to encrypt its data, it needs to first read the data it wants to encrypt, to then write them and then reread them to rewrite them, to then confirm and hash them.
For text messages, encryption won't be that hard. But for images and videos, that's a whole different story. The phone needs to store or retrieve megabyte after megabyte of data, and that extra computation adds up very quickly.
This is why highend modern phones are equipped with a special chip that performs some of the most common encryption algorithms and processes. But lowend budget smartphones, no, they don't enjoy such luxury.
And this is a problem Google wants to solve, with a method it calls 'Adiantum'.
According to Google on its blog post:
Budget phones or older phones, or small IoT devices, simply don't have enough room for that dedicated hardware on board. As a matter of fact, this is also why these devices are sold cheaper than their highend counterparts.
Without the dedicated chip, these phones cannot efficiently run the cryptographic process. As a result, the phone may take a long time to encrypt, taking a toll on performance and drains the battery.
To make these cheap Android phones competitive, Google has a solution with this Adiantum.
And that is using a cipher called 'ChaCha' instead of the usual Advanced Encryption Standard (AES).
This cipher method is better optimized for basic binary operations, which means that any processor, even without specialized hardware, can execute the codes quickly. It’s also well documented and already in use in lots of places.
According to its engineers in another blog post:
The Adiantum process doesn’t increase or decrease the size of the data, like padding them or by appending with some header or footer data. Here, the original data and the encrypted data are at the same size.
This is good for devices that have less storage space, as Adiantum doesn't require devices to set aside too many special blocks for encryption metadata and the like.
This makes encryption visibly faster.
But since its faster, in theory, it should be less sophisticated than AES. This is why many security professionals view this encryption technique with skepticism, considering it to be less secured and unreliable.
But Adiantum engineers said that: "we are in a position to have high confidence in its security."
"In our paper, we prove that it has good security properties, under the assumption that ChaCha12 and AES-256 are secure. This is standard practice in cryptography; from 'primitives' like ChaCha and AES, we build 'constructions' like XTS, GCM, or Adiantum."
"Even though Adiantum is very new, we are in a position to have high confidence in its security. In our paper, we prove that it has good security properties, under the assumption that ChaCha12 and AES-256 are secure. This is standard practice in cryptography; from "primitives" like ChaCha and AES, we build "constructions" like XTS, GCM, or Adiantum."
While it is yet to be seen how good or bad this Adiantum encryption method really is in the hands of seasoned hackers and alike, users should benefit in an increased sense of security when using budget phones like Android Go or Android smartwatches.
The encryption should at least create another layer of security without requiring vendors to pour more money on expensive components, ramping up the devices' price.