100 million Samsung phones affected by encryption weakness (Security News, March 2022)
Attention, Samsung Galaxy smartphone owners: There's a good chance your device is one of the 100 million that a Tel Aviv University research paper said suffer from a serious encryption flaw.
The researchers didn't stumble upon this error, either: they deliberately targeted Samsung devices in an attempt to show that proprietary, and often undocumented, encryption implementations endanger everyone using a smartphone.
In the case of Samsung Galaxy devices in the S8, S9, S10, S20 and S21 families, key management behind the hardware abstraction layer is handled by a trusted application (TA) called the Keymaster TA. The Keymaster TA keeps its keys in the normal world as blobs: each key is encrypted before it is stored there and is decrypted only inside the Keymaster TA. That encryption uses an initialization vector (IV), essentially a random number that serves as the starting value for the encryption and decryption operations.
These IVs are supposed to be generated inside the TEE, random and never reused, so that the blobs stay protected while they sit in the normal world, but that is not the case on the Samsung devices listed above, the report said.
The newer Samsung devices in the S10, S20 and S21 families were designed to resist IV reuse attacks, but the researchers were able to perform a downgrade attack that forced the devices back to the vulnerable form of IV generation, leaving them just as exposed as the earlier models.
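The two paragraphs above describe two separate defender-side invariants: the IV used to wrap a key blob must be generated inside the TEE and never repeat, and a device that supports the hardened blob format must refuse to fall back to the weak one. The following is an added example, not code from the paper, from Samsung, or from the news article. It models the blob wrapping with a stand-in construction (an HMAC-SHA256 counter-mode keystream plus an HMAC tag, so it runs on the Python standard library) rather than the AES-GCM that the paper identified in the Keymaster TA; the blob layout, the version numbers, and the function names `wrap_key`, `unwrap_key` and `audit_iv_reuse` are all hypothetical. What carries over is the property that matters: a repeated IV under the same key reuses the keystream, and a version pin is what stops a downgrade.

```python
# Added illustration (not code from the paper, Samsung, or the news article).
# Stand-in construction: HMAC-SHA256 counter-mode keystream + HMAC tag, in place
# of the AES-GCM used by the real Keymaster TA. The blob layout, version numbers
# and function names below are hypothetical.
import hashlib
import hmac
import os
import struct
from collections import defaultdict

BLOB_V1_CALLER_IV = 1   # hypothetical legacy format: IV chosen outside the TEE (weak)
BLOB_V2_RANDOM_IV = 2   # hypothetical hardened format: IV drawn inside the TEE
IV_LEN = 12
TAG_LEN = 16


def _keystream(kek, iv, n):
    """Counter-mode keystream from (kek, iv); identical inputs give identical bytes."""
    out = b""
    for counter in range((n + 31) // 32):
        out += hmac.new(kek, iv + struct.pack(">I", counter), hashlib.sha256).digest()
    return out[:n]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def wrap_key(kek, version, key_material, iv=None):
    """Return a blob laid out as version(1) || iv(12) || ciphertext || tag(16)."""
    if version == BLOB_V2_RANDOM_IV:
        iv = os.urandom(IV_LEN)  # generated inside the "TEE"; a caller-supplied IV is ignored
    elif version == BLOB_V1_CALLER_IV:
        if iv is None or len(iv) != IV_LEN:
            raise ValueError("v1 blobs need a caller-supplied 12-byte IV")
    else:
        raise ValueError("unknown blob version %d" % version)
    header = bytes([version]) + iv
    ct = _xor(key_material, _keystream(kek, iv, len(key_material)))
    tag = hmac.new(kek, header + ct, hashlib.sha256).digest()[:TAG_LEN]
    return header + ct + tag


def unwrap_key(kek, blob, min_version=BLOB_V2_RANDOM_IV):
    """Authenticate and decrypt a blob, refusing any format older than min_version."""
    version = blob[0]
    if version < min_version:
        raise ValueError("blob version %d below policy minimum %d: downgrade refused"
                         % (version, min_version))
    header, body, tag = blob[:1 + IV_LEN], blob[1 + IV_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(kek, header + body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("blob authentication failed")
    return _xor(body, _keystream(kek, header[1:], len(body)))


def audit_iv_reuse(blobs):
    """Return the hex IVs that appear in more than one blob; a clean store returns []."""
    counts = defaultdict(int)
    for blob in blobs:
        counts[blob[1:1 + IV_LEN]] += 1
    return sorted(iv.hex() for iv, n in counts.items() if n > 1)


def demo():
    """Exercise the weak and hardened paths and return the observations as a dict."""
    kek = os.urandom(32)                     # constructed sample key-encryption key
    k1, k2 = os.urandom(32), os.urandom(32)  # constructed sample keys to be wrapped

    # Weak path: v1 blobs whose IV the caller fixed, so it repeats across blobs.
    fixed_iv = bytes(IV_LEN)
    v1_a = wrap_key(kek, BLOB_V1_CALLER_IV, k1, fixed_iv)
    v1_b = wrap_key(kek, BLOB_V1_CALLER_IV, k2, fixed_iv)
    # With the keystream reused, the two ciphertexts differ exactly where the keys do:
    # that is the failure mode the audit below exists to catch.
    ct_a, ct_b = v1_a[1 + IV_LEN:-TAG_LEN], v1_b[1 + IV_LEN:-TAG_LEN]
    keystream_reused = _xor(ct_a, ct_b) == _xor(k1, k2)

    # Hardened path: every v2 wrap draws a fresh IV inside the TEE.
    v2_a = wrap_key(kek, BLOB_V2_RANDOM_IV, k1)
    v2_b = wrap_key(kek, BLOB_V2_RANDOM_IV, k2)

    # Downgrade check: a v2-capable unwrapper must refuse v1 blobs outright.
    try:
        unwrap_key(kek, v1_a)  # default min_version is v2
        downgrade_refused = False
    except ValueError:
        downgrade_refused = True

    return {
        "v1_reused_ivs": audit_iv_reuse([v1_a, v1_b]),
        "v2_reused_ivs": audit_iv_reuse([v2_a, v2_b]),
        "keystream_reused": keystream_reused,
        "downgrade_refused": downgrade_refused,
        "v2_roundtrip": unwrap_key(kek, v2_a) == k1 and unwrap_key(kek, v2_b) == k2,
        "v1_legacy_roundtrip": unwrap_key(kek, v1_a, min_version=BLOB_V1_CALLER_IV) == k1,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Two design points carry over to a real TEE. The IV is drawn inside `wrap_key` for the hardened format and any caller-supplied value is ignored, because an IV the normal world can choose is an IV the normal world can repeat. And `unwrap_key` pins a minimum blob version by default, so once a device ships the hardened format it does not accept the legacy one; the downgrade described in the text works precisely where such a pin is missing. `audit_iv_reuse` is the check an integrator can run over an exported blob store to confirm the first invariant holds in practice.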
Samsung released patches for the affected devices in August and October 2021, so this is essentially a non-issue for owners who keep their devices updated.
News URL: https://www.techrepublic.com/article/100-million-samsung-phones-affected-by-encryption-weakness/