Security News > 2022 > February > 100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature

A group of academics from Tel Aviv University have disclosed details of now-patched "Severe" design flaws in Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys.

The shortcomings are the result of an analysis of the cryptographic design and implementation of Android's hardware-backed Keystore in Samsung's Galaxy S8, S9, S10, S20, and S21 flagship devices, researchers Alon Shakevsky, Eyal Ronen, and Avishai Wool said.

On Samsung mobile devices, the Keymaster TA runs in an ARM TrustZone-based TEE. However, security flaws uncovered in Samsung's implementation meant that they could provide an adversary with root privileges a workable path to recover the hardware-protected private keys from the secure element.

Initialization Vector reuse in Keymaster TA - An IV reuse vulnerability in Keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process.

Downgrade attack in Keymaster TA - A keyblob downgrade attack in Keymaster prior to SMR Oct-2021 Release 1 allows [an] attacker to trigger IV reuse vulnerability with privileged process.

In a nutshell, successful exploitation of the flaws against the Keymaster TA could achieve unauthorized access to hardware-protected keys and data secured by the TEE. Implications of such an attack could range from an authentication bypass to advanced attacks that can break fundamental security guarantees offered by cryptographic systems.

News URL

https://thehackernews.com/2022/02/100-million-samsung-galaxy-phones.html