Android 6.0 Marshmallow Phones Will Be Encrypted By Default

If you follow tech-updates, this isn’t exactly news. The 32 bit has been fading into oblivion steadily over the past year and Android 6.0 Marshmallow will merely plaster the last brick in the wall. As per new Android Compatibility Definition Document, it’s mandatory for all OEMs to include full encryption by default (Well almost) if they want to flaunt the latest OS, and this should have a big impact on Android experience in 2016.

What is Full device encryption?

The option for full device encryption has been around for years since Android 3.0 Honeycomb, but it was never mandatory. This adds an extra-step in processing data. All data processor reads from storage will have to be decrypted first and all new data which has to be written will have to be encrypted.

The lock-screen password is used to generate a secure encryption password. It takes time and effort, but has security incentives. If someone steels your phone, he won’t be able to access your data.

As per new guidelines, OEMs are not required to make lock-screen mandatory (which is required as safe-key for encryption). If users don’t want to set a lock-screen, encryption will be done using a default key.

Google already said this was coming….

Last year Google said that all Android 5.0 Lollipop devices would require device encryption by default, however, quietly backed away later. Nexus 6 and Nexus 9 were perhaps the only Android Lollipop devices that came encrypted out of the box.

This however came at the expense of performance. Nexus 6 write performance was slower than Nexus 5. Since performance was being compromised, Google didn’t have much of an option, but to back track. The company however made it clear that mandatory encryption was on its way.

What changed this year?

The new Nexus 6P and Nexus 5X are the first Nexus Phones this year, which include 64 bit hardware and that comes laden with blessings of ARMv8.  The main advantage and reason why everyone embraced 64 bit and ran with it, was because of refined instruction set (ARMv7 was decade old and the ARMv8 refined instruction set), almost double registers (where commonly used instruction and data are stored by processor) and addition of special instruction stes for encryption.

In its Reddit AMA, Google stated that new nexus phones were using software encryption using ARMv8 cryptography extensions which work even faster than hardware encryption.

But there are a few exceptions….

Old smartphones which get Marshmallow software update and cheaper phones with AES crypto performance below 50MiB-per-second are exempted from this change. This will include low cost 32Bit SoCs, which don’t have ARMv8 advantage but are still being used in entry level smarphones.

A performance penalty is involved. Will it mean low cost Android phones will steer-away from Marshmallow for time to come? Will lower mid-range phones successfully integrated it without significant performance lag? There is still time before we get answers to all those questions.

Mandatory encryption will go a long way towards enhancing Android security and in avoiding data and identity thefts. Some might not like these restraints, but these are for greater good. Phone thefts are after all common occurrences these day.