Google logo

Google Confirms: Their Change In Full Disk Encryption Policy Due To Performance Reasons

March 3, 2015 - Written By David Steele

Yesterday, it was reported that Google was changing requirements for Android 5.0 Lollipop and full disk encryption. Essentially, when Google released Android Lollipop they made a big deal about how the operating system would require full disk encryption but in January, Google changed their mind and made the full disk encryption optional, just as we’ve seen in older versions of Android. It was speculated that the reason why Google dropped the full disk encryption is because of performance reasons; there’s a processor overhead associated with encrypting and decrypting the storage. Google have now released a statement to Engadget that’s confirmed my suspicions: “In September, we announced that all new Android Lollipop devices would be encrypted by default. Due to performance issues on some Android partner devices we are not yet at encryption by default on every new Lollipop device. That said, our new Nexus devices are encrypted by default and Android users (Jelly Bean and above) have the option to encrypt the data on their devices in Settings —> Security — > Encryption. We remain firmly committed to encryption because it helps keep users safe and secure on the web.”

The statement is interesting because Google are referring to partner devices, which seems to imply that it excludes the Nexus line. Once the face of it, this seems more than a little bit sneaky of them given the memory benchmarks we’ve seen of the Nexus 6 versus the Nexus 5. Essentially, the Nexus 6 is slower at some memory operations compared with the older device, despite being based around a Qualcomm Snapdragon 805 rather than the Nexus 5’s Snapdragon 801. The Nexus 6 might be quicker at storage access if Google had included the necessary driver software to allow the Qualcomm Snapdragon 805 to use the hardware to improve the encryption and decryption processes. Google are still committed to full disk encryption, which is encouraging: perhaps they’ll enable the Qualcomm encryption drivers at some point in the future? It also means that there have been other devices out there that we’re yet to see running Lollipop, perhaps on lesser hardware, that are significantly slower with full disk encryption enabled.

Device encryption is something of a hot potato in the media at the moment. An encrypted device cannot easily be decrypted without the key, which is linked to the password. Encrypted communications cannot easily be eavesdropped on by government agencies and as manufacturers do not store the decryption password, one might imagine why governments around the world are not keen on the idea of encryption (assuming they’re listening in on us). Over to our readers: do you use device encryption on your Android smartphone or tablet? Have you added it, or perhaps even removed it? If so, what was your experience of the difference in performance? Let us know in the comments below.