 | This articleneeds additional citations forverification. Please helpimprove this article byadding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Adiantum" cipher – news ·newspapers ·books ·scholar ·JSTOR(January 2019) (Learn how and when to remove this message) |
| General | |
|---|---|
| Designers | Paul Crowley and Eric Biggers atGoogle |
| First published | October 12, 2018; 6 years ago (2018-10-12) |
| Related to | HPolyC |
| Cipher detail | |
| Key sizes | 8192 bits |
| Block sizes | no practical limit; intended for 4096-byte disk sectors |
| Structure | HBSH (hash, block cipher, stream cipher, hash) |
Adiantum is acipher composition fordisk encryption. It uses a new cipher construction called HBSH (hash, block cipher, stream cipher, hash), specifically choosingNH, 256-bitAdvanced Encryption Standard (AES-256),ChaCha12/ChaCha20[a],Poly1305 for the four elements.HPolyC is an earlier variant which does not use NH.[1]
It was designed in 2018 by Paul Crowley and Eric Biggers atGoogle specifically for low-powered mobile devices runningAndroid Go. It has been included in theLinux kernel since version 5.0.[2] The construct is designed to be "wide-block", where any change in the plaintext causes the entire ciphertext to be unrecognizably changed.[3]
Adiantum is implemented inAndroid 10 as an alternative cipher for device encryption, particularly on low-end devices lacking hardware-accelerated support for AES. (Adiantum only invokes AES once per plaintext.) The company stated that Adiantum ran five times faster than AES-256-XTS onARM Cortex-A7 CPUs.[1] Google had previously exempted devices from mandatory device encryption if their specifications affected system performance if enabled. Due to the introduction of Adiantum, device encryption becomes mandatory on all Android devices beginning on Android 10.[4][5]
 | This cryptography-related article is astub. You can help Wikipedia byexpanding it. |
