Tuesday, 3 March 2015

Google's 'encrypted-by-default' Android is NOT encrypting by default

Android 5.0 "Lollipop"
Last year, Google said Android 5, codenamed Lollipop, will encrypt the contents of smartphones and tablets by default. Now it's had to do some backtracking.
In short, despite Google's boasts that Lollipop will encrypt handhelds' data by default "out of the box," that simply isn't being enforced on all devices running Android 5. What happened?

Rewind the clock

Apple put the cat among the pigeons in September when it announced that iOS 8 automatically encrypts files stored on iPhones and iPads.
Only the owners of the hardware are able to unlock their documents – rather than, say, thieves or Apple under pressure from the cops, in theory. And making it a default means less tech-savvy people can benefit from the security measure while being blissfully unaware of it.
Days later, Google said it too would follow suit and enable file encryption by default, adding that full-storage encryption had been an option in Android for some time. Indeed, in this Android 4.4 design document [PDF] dated November 27, 2013, Google declared:
If the device has lock screen, the device MUST support full-disk encryption.
By September 2014, to keep up with Apple, that rule had been ramped up from an optional feature to on-by-default. "As part of our next Android release, encryption will be enabled by default out of the box, so you won't even have to think about turning it on," Google spokesperson Niki Christoff said at the time.

And in the present day

Now the advertising giant has climbed down from that vow, leaving it up to phone and tablet manufacturers to enable encryption-by-default (and some of them aren't).
Some Android Lollipop handhelds, particularly those shown off this week at Mobile World Congress 2015, are simply not automatically encrypting their files by default. That includes the second-generation Moto E and the Samsung Galaxy S6, according to Ars.
Lollipop's design document [PDF] states:
If the device implementation has a lock screen, the device MUST support full-disk encryption of the application private data, (/data partition) as well as the SD card partition if it is a permanent, non-removable part of the device [Resources, 107]. For devices supporting full-disk encryption, the full-disk encryption SHOULD be enabled all the time after the user has completed the out-of-box experience. While this requirement is stated as SHOULD for this version of the Android platform, it is very strongly RECOMMENDED as we expect this to change to MUST in the future versions of Android.
Note that full-disk encryption-by-default is still a "should," a recommendation, and that only future versions of Android may enforce it.
So why the change? Well, part of the reason is that Android doesn't have all the drivers to take advantage of AES acceleration in the chips powering smartphones and slabs.
For example, the Qualcomm Snapdragon 805 system-on-chip in the Motorola Nexus 6 will do AES encryption and decryption of data in hardware – which should be fast and power efficient.
However, the driver for that feature is not available to the Android project, so Android 5 must do the by-default-enabled file encryption and decryption in software, which is terribly slow – forcing people to switch it off.
Some manufacturers may not bother turning encryption on in the first place if there's no acceleration available for whatever reason, and Google's allowing them to do just that.
Meanwhile, the Google Nexus 9 fondleslab uses an Nvidia Tegra K1 chip with a 64-bit ARMv8-compatible processor. This architecture has standardized AES encryption/decryption instructions that can be used by Android 5 without a specialized driver.
That means Lollipop happily encrypts-by-default on the Nexus 9.
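As an added example (not part of the original article), this shell script audits whether a device is actually encrypted and whether its CPU advertises AES instructions of the kind described above. It assumes two captured inputs, the value of Android's `ro.crypto.state` property and the contents of `/proc/cpuinfo`; the function names, verdict strings and sample captures are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article). Inputs are captured text, e.g. from
#   adb shell getprop ro.crypto.state   and   adb shell cat /proc/cpuinfo

# has_cpu_aes FILE: succeed if a Features/flags line in the cpuinfo capture
# lists the "aes" instruction-set extension as a whole word.
has_cpu_aes() {
    awk -F: '
        tolower($1) ~ /^(features|flags)[ \t]*$/ {
            n = split($2, f, /[ \t]+/)
            for (i = 1; i <= n; i++) if (f[i] == "aes") found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# classify STATE CPUINFO_FILE: print one verdict line per device.
# STATE is the ro.crypto.state value; anything unexpected is reported as UNKNOWN.
classify() {
    if has_cpu_aes "$2"; then accel="cpu-aes"; else accel="no-cpu-aes"; fi
    case "$1" in
        encrypted)   echo "OK encrypted $accel" ;;
        unencrypted) echo "FINDING unencrypted $accel" ;;
        *)           echo "UNKNOWN state=$1 $accel" ;;
    esac
}

# Constructed sample captures (illustrative, not taken from real devices).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/armv8.txt" <<'EOF'
processor : 0
Features : fp asimd evtstrm aes pmull sha1 sha2 crc32
EOF
cat > "$tmp/armv7.txt" <<'EOF'
processor : 0
Features : swp half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt
EOF

classify encrypted   "$tmp/armv8.txt"
classify unencrypted "$tmp/armv7.txt"
```

A `no-cpu-aes` verdict only says the CPU lacks AES instructions; a separate crypto block such as the one in the Snapdragon 805 still needs its own driver to be usable.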

Who wins and who loses?

This whole mess will make Apple fans very smug. Apple has had a separate coprocessor for accelerating encryption for years, and as a result iOS encryption is a much easier process. Apple has total control of its hardware and OS, whereas Google must rely on its hardware friends to play ball.
Based on what we’re seeing from Android gadget makers at this year’s Mobile World Congress shindig in Barcelona, manufacturers would prefer to leave encryption off. When performance and battery life are such selling points these days, you need every edge you can get.
Will Google make default encryption the rule, rather than a suggestion as it does today? Almost certainly, but it’ll need some hardware evolution before most Android users get their paws on some serious privacy.