Google Boosts Encryption In Chrome For Android - InformationWeek
Mobile // Mobile Devices
09:06 AM
Connect Directly
Building Security for the IoT
Nov 09, 2017
In this webcast, experts discuss the most effective approaches to securing Internet-enabled system ...Read More>>

Google Boosts Encryption In Chrome For Android

Users of Chrome on Android devices should see improved speed and security.

Google's 10 Big Bets On The Future
Google's 10 Big Bets On The Future
(Click image for larger view and slideshow.)

Google said Thursday that it deployed improved encryption in Chrome on Android this year to enhance performance on devices without AES hardware acceleration, such as most Android phones, Google Glass, and older computers.

"This improves user experience, reducing latency and saving battery life by cutting down the amount of time spent encrypting and decrypting data," Elie Bursztein, anti-abuse research lead at Google, said in a blog post.

Google introduced a new TLS cipher suite in February that works three times faster than AES-GCM on devices lacking AES hardware support. It did so following the implementation of new algorithms -- ChaCha 20 for symmetric encryption and Poly1305 for authentication -- a process that began in March 2013.

[Struggling to balance employee productivity with security? Read Workplace Data Privacy Vs. Security: The New Balance.]

This was before NSA documents had been leaked to the news media by former NSA contractor Edward Snowden, underscoring the sorry state of Internet security. But Google's implementation of better encryption technology dovetails with a broad industry effort to place impediments in the way of untargeted intelligence gathering and to restore confidence in the security of cloud computing.

Yahoo, long a laggard in computer security, committed last year to adding HTTPS support to Yahoo Mail and to encrypting the information moving in, out, and between its datacenters by the end of the first quarter of 2014. And in December, Microsoft, acknowledging customers' concerns about government surveillance, committed to expanding encryption across its various services.

(Source: Wikipedia)
(Source: Wikipedia)

More recently, the disclosure of the Heartbleed vulnerability in the OpenSSL cryptographic library has made it clear to the open-source community, and to the companies that depend on open-source software, that more attention needs to be paid to popular open-source libraries to catch critical flaws. According to the Linux Foundation, the OpenSSL project has received about $2,000 a year in donations, which isn't much, considering the cost of patching all the systems affected by the Heartbleed bug.

On Thursday, to incentivize the involvement of more programmers, the Linux Foundation announced the creation of a Core Infrastructure Initiative to allow technology companies to identify and fund important open-source projects. Companies participating in the initiative include Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, and VMware.

None of these steps offer any guarantees against intelligence agencies armed with millions or billions of dollars in funding, corporate espionage, or rogue hackers. But perhaps sustained industrywide alarm at security shortcomings will lead to more effective remediation efforts and will add enough barriers to make mass data collection less profitable.

IT is turbocharging BYOD, but mobile security practices lag behind the growing risk. Also in the Mobile Security issue of InformationWeek: These seven factors are shaping the future of identity as we move to a digital world (free registration required).

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
4/28/2014 | 8:54:08 PM
Re: encryption
A side effect of better battery life and speed is another good benefit.
User Rank: Author
4/28/2014 | 11:20:07 AM
At least there's some good news on this Monday morning. Improved security is a good thing to pursue.
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll