Google Improves Secure Website Performance on Android Smartphones
Published on: 25th Apr 2014
Note -- this news article is more than a year old.
By: Ian Mansfield
Google has revealed that earlier this year it deployed a new method of encrypting secure website traffic in Android smartphones that is faster and reduces drain on batteries.
The company said that it had deployed a new TLS cipher suite in Chrome that operates three times faster than previous methods on devices that don't have AES hardware acceleration, including most Android phones, wearable devices such as Google Glass and older computers.
This new software cut down the amount of time spent encrypting and decrypting data on secure websites, such as banking services or secured emails.
The new ChaCha20 and Poly1305 suites are very fast on mobile and wearable devices, as their designs are able to leverage common CPU instructions, including ARM vector instructions. Poly1305 also saves network bandwidth, since its output is only 16 bytes compared to HMAC-SHA1, which is 20 bytes. This represents a 16% reduction of the TLS network overhead incurred when using older ciphersuites such as RC4-SHA or AES-SHA.
As of February 2014, almost all HTTPS connections made from Chrome browsers on Android devices to Google web sites have used this new cipher suite.
The company said that it plans to make it available as part of the Android platform in a future release.
If you'd like to verify which cipher suite Chrome is currently using, on an Android device or on desktop, just click on the padlock in the URL bar and look at the connection tab.