In the months leading up to Google’s launch of Android 5.0 Lollipop, the search giant told anyone that would listen that its new mobile operating system would have data encryption enabled by default. But once third-party devices running Lollipop made it into circulation, it was discovered that encryption wasn’t enabled out of the box.
Why the sudden – and silent – change? Two words: performance issues.
Ars published an article last year in which it found that full-disk encryption had a profound impact on overall performance. Google must have read the article as well as it told Engadget that it lifted the encryption requirement due to performance issues.
That brings us to today and another look at the Android Compatibility Definition document. This time around, we find that Google is requiring devices with Advanced Encryption Standard (AES) crypto performance above 50MiB/sec to enable full-disk encryption out of the box.
Devices that launched with older versions of Android but have since been upgraded are exempt.
As Ars previously noted, encryption-related performance issues can be overcome by using faster flash memory, speedier file systems and chips that are better at rapidly encrypting and decrypting data.
The new guidelines are certainly a step in the right direction although there are some loopholes that keep it from being a perfect solution.