Security Experts:

Connect with us

Hi, what are you looking for?


Mobile & Wireless

Google Improves Android Encryption with Adiantum

Google this week announced Adiantum, a new form of encryption aimed at Android devices without cryptographic acceleration.

Google this week announced Adiantum, a new form of encryption aimed at Android devices without cryptographic acceleration.

Meant to protect user data if a device falls into the wrong hands, storage encryption has been required for most devices since Android 6.0 in 2015. Relying on Advanced Encryption Standard (AES), however, the feature is slow on devices using low-end processors without hardware support for AES. 

To improve efficiency on such devices, Google designed Adiantum, which allows for the use of the ChaCha stream cipher in a length-preserving mode. ChaCha already was a viable solution in HTTPS encryption, but proved challenging to bring to disk and file encryption. 

With ChaCha both highly secure and much faster than AES when hardware acceleration is unavailable, Adiantum encryption and decryption on ARM Cortex-A7 processors is around five times faster compared to AES-256-XTS, Google claims.

“Adiantum is a true wide-block mode: changing any bit anywhere in the plaintext will unrecognizably change all of the ciphertext, and vice versa. It works by first hashing almost the entire plaintext,” the Internet search company says. 

“We also hash a value called the “tweak” which is used to ensure that different sectors are encrypted differently. This hash is then used to generate a nonce for the ChaCha encryption. After encryption, we hash again, so that we have the same strength in the decryption direction as the encryption direction,” Google continues. 

Named after the genus of the maidenhair fern, which in the Victorian language of flowers (floriography) represents sincerity and discretion, Adiantum is very new, but the search provider says they have high confidence in its security. 

The new encryption is expected to make future devices more secure, while bringing improved security to more users than before. With Adiantum everything from smart watches to Internet-connected medical devices will be able to encrypt sensitive data, the Internet giant claims. 

“Our hope is that Adiantum will democratize encryption for all devices. Just like you wouldn’t buy a phone without text messaging, there will be no excuse for compromising security for the sake of device performance. Everyone should have privacy and security, regardless of their phone’s price tag,” Eugene Liderman, Director of Mobile Security Strategy, Android Security & Privacy Team, says. 

Full details on Adiantum are available in Google’s paper Adiantum: length-preserving encryption for entry-level processors in IACR Transactions on Symmetric Cryptology.

Adiantum has been designed for devices running Android 9 and higher that lack AES CPU instructions. Details on how the encryption can be enabled are available on Google’s dedicated Android site

Related: Password Practices Still Poor, Google Says

Related: Google Unveils New Encryption Features for Android Developers

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6...


A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Chinese tech giant Huawei patched nearly 300 vulnerabilities in its HarmonyOS operating system in 2022.