Google Boosts Encryption In Chrome For Android - InformationWeek
Mobile // Mobile Devices
09:06 AM
Connect Directly

Google Boosts Encryption In Chrome For Android

Users of Chrome on Android devices should see improved speed and security.

Google's 10 Big Bets On The Future
Google's 10 Big Bets On The Future
(Click image for larger view and slideshow.)

Google said Thursday that it deployed improved encryption in Chrome on Android this year to enhance performance on devices without AES hardware acceleration, such as most Android phones, Google Glass, and older computers.

"This improves user experience, reducing latency and saving battery life by cutting down the amount of time spent encrypting and decrypting data," Elie Bursztein, anti-abuse research lead at Google, said in a blog post.

Google introduced a new TLS cipher suite in February that works three times faster than AES-GCM on devices lacking AES hardware support. It did so following the implementation of new algorithms -- ChaCha 20 for symmetric encryption and Poly1305 for authentication -- a process that began in March 2013.

[Struggling to balance employee productivity with security? Read Workplace Data Privacy Vs. Security: The New Balance.]

This was before NSA documents had been leaked to the news media by former NSA contractor Edward Snowden, underscoring the sorry state of Internet security. But Google's implementation of better encryption technology dovetails with a broad industry effort to place impediments in the way of untargeted intelligence gathering and to restore confidence in the security of cloud computing.

Yahoo, long a laggard in computer security, committed last year to adding HTTPS support to Yahoo Mail and to encrypting the information moving in, out, and between its datacenters by the end of the first quarter of 2014. And in December, Microsoft, acknowledging customers' concerns about government surveillance, committed to expanding encryption across its various services.

(Source: Wikipedia)
(Source: Wikipedia)

More recently, the disclosure of the Heartbleed vulnerability in the OpenSSL cryptographic library has made it clear to the open-source community, and to the companies that depend on open-source software, that more attention needs to be paid to popular open-source libraries to catch critical flaws. According to the Linux Foundation, the OpenSSL project has received about $2,000 a year in donations, which isn't much, considering the cost of patching all the systems affected by the Heartbleed bug.

On Thursday, to incentivize the involvement of more programmers, the Linux Foundation announced the creation of a Core Infrastructure Initiative to allow technology companies to identify and fund important open-source projects. Companies participating in the initiative include Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, and VMware.

None of these steps offer any guarantees against intelligence agencies armed with millions or billions of dollars in funding, corporate espionage, or rogue hackers. But perhaps sustained industrywide alarm at security shortcomings will lead to more effective remediation efforts and will add enough barriers to make mass data collection less profitable.

IT is turbocharging BYOD, but mobile security practices lag behind the growing risk. Also in the Mobile Security issue of InformationWeek: These seven factors are shaping the future of identity as we move to a digital world (free registration required).

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
4/28/2014 | 8:54:08 PM
Re: encryption
A side effect of better battery life and speed is another good benefit.
User Rank: Author
4/28/2014 | 11:20:07 AM
At least there's some good news on this Monday morning. Improved security is a good thing to pursue.
Register for InformationWeek Newsletters
White Papers
Current Issue
Cybersecurity Strategies for the Digital Era
At its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll