Google Boosts Encryption In Chrome For Android - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile // Mobile Devices
09:06 AM
Connect Directly

Google Boosts Encryption In Chrome For Android

Users of Chrome on Android devices should see improved speed and security.

Google's 10 Big Bets On The Future
Google's 10 Big Bets On The Future
(Click image for larger view and slideshow.)

Google said Thursday that it deployed improved encryption in Chrome on Android this year to enhance performance on devices without AES hardware acceleration, such as most Android phones, Google Glass, and older computers.

"This improves user experience, reducing latency and saving battery life by cutting down the amount of time spent encrypting and decrypting data," Elie Bursztein, anti-abuse research lead at Google, said in a blog post.

Google introduced a new TLS cipher suite in February that works three times faster than AES-GCM on devices lacking AES hardware support. It did so following the implementation of new algorithms -- ChaCha 20 for symmetric encryption and Poly1305 for authentication -- a process that began in March 2013.

[Struggling to balance employee productivity with security? Read Workplace Data Privacy Vs. Security: The New Balance.]

This was before NSA documents had been leaked to the news media by former NSA contractor Edward Snowden, underscoring the sorry state of Internet security. But Google's implementation of better encryption technology dovetails with a broad industry effort to place impediments in the way of untargeted intelligence gathering and to restore confidence in the security of cloud computing.

Yahoo, long a laggard in computer security, committed last year to adding HTTPS support to Yahoo Mail and to encrypting the information moving in, out, and between its datacenters by the end of the first quarter of 2014. And in December, Microsoft, acknowledging customers' concerns about government surveillance, committed to expanding encryption across its various services.

(Source: Wikipedia)
(Source: Wikipedia)

More recently, the disclosure of the Heartbleed vulnerability in the OpenSSL cryptographic library has made it clear to the open-source community, and to the companies that depend on open-source software, that more attention needs to be paid to popular open-source libraries to catch critical flaws. According to the Linux Foundation, the OpenSSL project has received about $2,000 a year in donations, which isn't much, considering the cost of patching all the systems affected by the Heartbleed bug.

On Thursday, to incentivize the involvement of more programmers, the Linux Foundation announced the creation of a Core Infrastructure Initiative to allow technology companies to identify and fund important open-source projects. Companies participating in the initiative include Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, and VMware.

None of these steps offer any guarantees against intelligence agencies armed with millions or billions of dollars in funding, corporate espionage, or rogue hackers. But perhaps sustained industrywide alarm at security shortcomings will lead to more effective remediation efforts and will add enough barriers to make mass data collection less profitable.

IT is turbocharging BYOD, but mobile security practices lag behind the growing risk. Also in the Mobile Security issue of InformationWeek: These seven factors are shaping the future of identity as we move to a digital world (free registration required).

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Author
4/28/2014 | 11:20:07 AM
At least there's some good news on this Monday morning. Improved security is a good thing to pursue.
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

New Storage Trends Promise to Help Enterprises Handle a Data Avalanche
John Edwards, Technology Journalist & Author,  4/1/2021
11 Things IT Professionals Wish They Knew Earlier in Their Careers
Lisa Morgan, Freelance Writer,  4/6/2021
How to Submit a Column to InformationWeek
InformationWeek Staff 4/9/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Successful Strategies for Digital Transformation
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll