Adiantum File-System Encryption Support Ready For Linux 4.21
Adiantum, Google's newly developed crypto algorithm to replace their planned use of the controversial Speck, is ready to begin providing speedy file-system encryption support for low-end devices with the upcoming Linux 4.21 merge window.
Adiantum is intended to be eventually used by low-end Android Go devices where their limited SoCs don't provide any hardware crypto extensions. As covered back in November, Adiantum was added to the Linux kernel's crypto subsystem is staging it ahead of Linux 4.21.
Besides the Adiantum implementation in the cryptography area, Adiantum has now been added to fscrypt -- the file-system encryption framework. Fscrypt is the file-system encryption code utilized in turn currently by the EXT4 and F2FS file-systems. Fscrypt up to now has supported AES-256-XTS and AES-128-CBC for file contents and AES-256-CTS-CBS/AES-128-CTS-CBC for filenames while now Adiantum is supported for encrypting both file contents and their names.
On low-end ARM hardware like the A7, Adiantum should be about four times faster than AES-256-XTS while data decryption is about five times faster. Adiantum builds off XChaCha12.
The Adiantum Fscrypt code is currently staged in its tree until the Linux 4.21 merge window opens up around Christmas.
Adiantum is intended to be eventually used by low-end Android Go devices where their limited SoCs don't provide any hardware crypto extensions. As covered back in November, Adiantum was added to the Linux kernel's crypto subsystem is staging it ahead of Linux 4.21.
Besides the Adiantum implementation in the cryptography area, Adiantum has now been added to fscrypt -- the file-system encryption framework. Fscrypt is the file-system encryption code utilized in turn currently by the EXT4 and F2FS file-systems. Fscrypt up to now has supported AES-256-XTS and AES-128-CBC for file contents and AES-256-CTS-CBS/AES-128-CTS-CBC for filenames while now Adiantum is supported for encrypting both file contents and their names.
On low-end ARM hardware like the A7, Adiantum should be about four times faster than AES-256-XTS while data decryption is about five times faster. Adiantum builds off XChaCha12.
The Adiantum Fscrypt code is currently staged in its tree until the Linux 4.21 merge window opens up around Christmas.
1 Comment