Google introduces new encryption to ensure low-end Android devices are secure

Google unveiled a new type of encryption called Adiantum to make sure all Android devices are secure, including older devices.

Android offers storage encryption using the Advanced Encryption Standard (AES), and most new Android devices provide AES through the Armv8 Cryptography Extensions. However, Android runs on a wide range of devices. This includes not just the latest flagship and mid-range phones but also entry-level Android Go phones sold primarily in developing countries, along with smartwatches and TVs.

To offer low-cost options, device manufacturers sometimes use low-end processors such as the Arm Cortex-A7, which does not have hardware support for AES. On these devices, Google says that AES is so slow that it would result in a poor user experience: apps would take much longer to launch, and the device would generally feel much slower.

Although storage encryption has been required for most devices since Android 6.0 in 2015, devices with poor AES performance (50 MiB/s and below) are exempt.

In order to make sure all devices are secure, Google designed a new encryption mode that it calls Adiantum. It explains the security technology in detail in a Google blog post.

Android device manufacturers can enable Adiantum for either full-disk or file-based encryption on devices that launch with Android Pie and have AES performance of less than 50 MiB/s.

Where hardware support for AES exists, AES must still be used. Adiantum will be part of the Android platform when Google rolls out Android Q. Google also intends to update its Android Compatibility Definition Document to require that all new Android devices be encrypted using one of the allowed encryption algorithms.