One of the easiest ways to protect your privacy and security on a smartphone is to set a passcode or biometric lock to enable disk encryption. That way if your phone gets lost or stolen, no one can take data off the device in a readable form. But not all smartphones—and tablets, and smartwatches, and so on—offer that protection. They don’t have the processing power to deal with resource-intensive encryption. So Google researchers have created a new encryption approach that’s faster and more efficient—and aims to bring data encryption protections to billions of Android users around the world.

The scheme, dubbed Adiantum, takes established cryptographic tools and principles that have been vetted by experts and implements them in a new, more efficient way. It aims to get full disk encryption running seamlessly on embedded devices without the latest and greatest hardware, giving users added security without slowing down apps or making the whole experience buggy.

Google

“Privacy really shouldn’t be a luxury. It’s something that all users for all products of all shapes and sizes should be able to have,” says Dave Kleidermacher, who heads Android security. “There are many people for whom an expensive flagship phone is not an option, but to protect against an attacker or a thief getting access to your private information you have to encrypt that data.”

Since Android is open source and can be adapted for all sorts of devices, the Google researchers who worked on Adiantum say that they’re excited to see where the approach ends up. Google has already released versions of Adiantum in the Android kernel and Linux kernel (which Android is based on), plus a tailored version for ARM processors. All of which makes it easy to bake into not just phones but also a multitude of IoT devices that run versions of Android.

Android has required that smartphones support storage encryption since Android 6 in 2015, but low-end devices have remained exempt because the demand would significantly impact performance. And while robust encryption for low-resource devices was a largely ignored problem for a long time, standards bodies like the National Institute of Standards and Technology have recently started to take an interest in codifying new strategies.

It will be up to device manufacturers, though, to actually adopt Google's solution. The encryption exemption for low-resource IoT devices will remain for now. And manufacturers who implement Adiantum will likely largely focus on new devices going forward, though it could potentially be possible to add it retroactively to existing devices.