Announcement

Collapse
No announcement yet.

Adiantum Is Taking Shape As Google's Speck Replacement For Low-End Device Encryption

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Adiantum Is Taking Shape As Google's Speck Replacement For Low-End Device Encryption

    Phoronix: Adiantum Is Taking Shape As Google's Speck Replacement For Low-End Device Encryption

    Earlier this year when Google added Speck-based file-system encryption support to the Linux kernel they intended it to be used by low-end Android phones/smartwatches with older ARM processors lacking the dedicated ARM cryptography extensions. Speck is fast enough to provide disk encryption on the low-end hardware, but ultimately they decided against Speck due to public outcry with the algorithm potentially being compromised by the US NSA. Instead Google engineers decided to pursue HPolyC as their new means of encryption on low-end hardware while now that has evolved into a new technology dubbed Adiantum...

    http://www.phoronix.com/scan.php?pag...Encrypt-Moving

  • #2
    and I am sure there will be benchmarks of this and all the other crypto types just as soon as the next kernel is released Michael

    Comment


    • #3
      This is genuinely strange to me. Yes, I 100% agree with the suspicion behind Speck.

      But then to rely on ....... GOOGLE?!? Google's entire offering, when taken in total - from their browser to analytics to phone OS to search to Google Home to Gmail and everything else they do. It all amounts to a singular surveillance platform - it's probably the most effective surveillance platform humanity has ever built.

      Comment


      • #4
        Originally posted by ezst036 View Post
        Yes, I 100% agree with the suspicion behind Speck.
        Why? I'm genuinely curious. When the CIA wanted to build the SR-71, they didn't say "Hi, this is the CIA, we need a metric crap-ton of the purest grade titanium". No, they bought it covertly through shell corporations. Likewise, when Communist China wanted an air craft carrier, they bought a used one, covertly, via an "investor" who said he was building a tourist attraction.

        If a secretive agency wants to slip compromised crypto into the kernel, they won't say "Hi, this is the Agency, here use this code we wrote". It's absurd to think that's the case here.

        Originally posted by ezst036 View Post
        But then to rely on ....... GOOGLE?!? Google's entire offering, when taken in total - from their browser to analytics to phone OS to search to Google Home to Gmail and everything else they do. It all amounts to a singular surveillance platform - it's probably the most effective surveillance platform humanity has ever built.
        Agree 100%, with Facebook as a close 2nd.

        Likewise with Huawei's many lines of kernel code, we've decided to trust the Chinese government too, apparently. What a joke.
        Last edited by torsionbar28; 11-06-2018, 12:09 AM.

        Comment


        • #5
          this paragraph contains some redundancy i think :
          Adiantum enhances the ChaCha12 cipher so it's suitable for disk encryption. Adiantum is based upon an improved version of HPolyC with Adiantum enhances the ChaCha12 cipher so it's suitable for disk encryption. Adiantum is based upon an improved version of HPolyC that pairs ChaCha with two passes of a hash function and one AES-256 encryption of a single 16-byte block. The Adiantum patches for the Linux kernel are currently up to their third public revision.

          Comment


          • #6
            Originally posted by torsionbar28 View Post
            Why? I'm genuinely curious. When the CIA wanted to build the SR-71, they didn't say "Hi, this is the CIA, we need a metric crap-ton of the purest grade titanium". No, they bought it covertly through shell corporations. Likewise, when Communist China wanted an air craft carrier, they bought a used one, covertly, via an "investor" who said he was building a tourist attraction.

            If a secretive agency wants to slip compromised crypto into the kernel, they won't say "Hi, this is the Agency, here use this code we wrote". It's absurd to think that's the case here.
            There are lot of past examples of this, e.g.: https://en.wikipedia.org/wiki/Dual_EC_DRBG

            Agree 100%, with Facebook as a close 2nd.

            Likewise with Huawei's many lines of kernel code, we've decided to trust the Chinese government too, apparently. What a joke.
            Google may have privacy issues, but it is also interested in not having its systems compromised by third parties, and it has a history of doing good with crypto, an example is https://boringssl.googlesource.com/boringssl/ .

            Comment


            • #7
              Originally posted by ezst036 View Post
              This is genuinely strange to me. Yes, I 100% agree with the suspicion behind Speck.

              But then to rely on ....... GOOGLE?!? Google's entire offering, when taken in total - from their browser to analytics to phone OS to search to Google Home to Gmail and everything else they do. It all amounts to a singular surveillance platform - it's probably the most effective surveillance platform humanity has ever built.
              They are not relying on Google, Google is simply using already tested and proven crypto.

              Comment


              • #8
                Originally posted by torsionbar28 View Post
                If a secretive agency wants to slip compromised crypto into the kernel, they won't say "Hi, this is the Agency, here use this code we wrote". It's absurd to think that's the case here.
                Why not? They will do all they can to get it in, if doing it as an official agency works better than trying to slip it in, then why not trying it?

                Comment


                • #9
                  also, paranoia about its authors and their intentions aside, Speck is *yet another different cipher*.
                  It hasn't received an as wide reviewing by 3rd party cryptographers (it was out since 2013)
                  even if there were no intentionnal back doors, risk is higher to eventually discover accidental ones down the line (compared to DJB's chacha20-poly1305 published in 2008 aready, which has been widely reviewed, including by google, including openssh authors, etc.)

                  speck also fails to show why it's relevant. regarding the low power ARM devices without a crypto coprocessing unit : chacha20-poly1305 covers already very well the low power segment, it's even been implemented on arduinos, on fricking microcontrollers.

                  on the other hand, google's adiantum - if you read between the line - is just some tweaking of chacha20-poly1305 to make it more suitable for mass storage encryption.
                  risks of google fucking it up are lower than if they introduce something entirely new from the ground up.
                  That doesn't mean that adiantum shouldn't be reviewed by numerous 3rd party specialist in crypto (google could still have fucked up their recommendations - see rounds reduction from 20 to 12), but it means that reviewing might go faster, and is likely to turn up as a recommendation.

                  TL;DR: go for the one that has had 5 more years to get reviewed and already covers your needs, rather than the newer one from the spooky guys.

                  Comment


                  • #10
                    Originally posted by starshipeleven View Post
                    Why not? They will do all they can to get it in, if doing it as an official agency works better than trying to slip it in, then why not trying it?
                    Exactly. https://freedom-to-tinker.com/2013/1...tempt-of-2003/

                    Comment

                    Working...
                    X