Researchers at Tel Aviv University discovered "serious" design flaws in the encryption of Samsung smartphones, allowing attackers to obtain cryptographics device keys.
In addition, intruders could exploit Samsung's cryptographic errors - there are many CVEs - to degrade a device's security protocols. This of course makes phones vulnerable to attacks and in particular to a practice known as initialization vector IV attacks.
Design flaws mainly affect devices that use ARM TrustZone technology. TrustZone splits a phone into two parts, the Normal world (for regular tasks such as Android OS) and the Secure world, which operates the security subsystem and where all sensitive resources are located. Secure world is only accessible to trusted applications used for security-sensitive functions, such as encryption.
Matthew Green, her associate professor scienceof computers at the Johns Hopkins Information Security Institute, said on Twitter that Samsung built "serious flaws" into the way its phones encrypt key hardware in TrustZone.
Ugh god. Serious flaws in the way Samsung phones encrypt key material in TrustZone and it's embarrassingly bad. They used a single key and allowed IV re-use. https://t.co/XteB3kc8cH pic.twitter.com/4wxA6XBuN2
- Matthew Green (@matthew_d_green) February 22, 2022
Samsung phones at stake right now are all the models that were released from the Galaxy S8 of 2017 to the Galaxy S21 of last year.
For more information:
threatpost.com
CVE-2021-25444, CVE-2021-25490
