Google has required phone makers to offer storage encryption on most smartphones that have shipped with Android 6.0 or later. But the company has offered exemptions on devices that don’t support hardware-accelerated cryptography.
In a nutshell, if you’re buying a modern phone with an ARMv8 processor, it probably supports disk encryption. If you pick up a dirt-cheap phone like an Android Go device, it probably doesn’t.
That’s because slow devices would become even slower if they had to run software to encrypt and decrypt data continually.
Now Google has come up with a method that it says offers much better performance for software-based encryption on low-power devices. It’s called Adiantum, and phone makers can use it to enable encryption on devices running Android 9 or later if they have processors that lack support for AES.
Google says Adiantum allows a phone with an ARM Cortex-A7 processor to encrypt and decrypt data about five times faster than it could using AES-256-XTS.
That’s a pretty significant improvement… but it’s still a software-based solution. Google says AES outperforms Adiantum on devices with ARMv8 or x86 chips that feature hardware acceleration for AES.
If you’re looking for more technical details about how Adiantum works, Google has published some in a Google Security blog post, and the company also has a white paper with more information (PDF). Or you can check out the Adiantum code at GitHub.
via Google