Researchers at Tel Aviv University discovered "serious" design flaws in the encryption of Samsung smartphones, which allow attackers to obtain the devices' cryptographic keys.
Additionally, attackers could exploit Samsung's cryptographic flaws, which are covered by multiple CVEs, to degrade the security protocols of a device. This leaves phones vulnerable to attacks, specifically IV (initialization vector) reuse attacks.
The design flaws mainly affect devices that use ARM TrustZone technology. TrustZone splits a phone into two parts: the Normal world, which runs regular tasks such as the Android OS, and the Secure world, which operates the security subsystem and holds all sensitive resources. The Secure world is accessible only to trusted applications used for security-sensitive functions, such as encryption.
Matthew Green, associate professor of computer science at the Johns Hopkins Information Security Institute, said on Twitter that Samsung built "serious flaws" into the way its phones encrypt key material in TrustZone.
Ugh god. Serious flaws in the way Samsung phones encrypt key material in TrustZone and it's embarrassingly bad. They used a single key and allowed IV re-use. https://t.co/XteB3kc8cH pic.twitter.com/4wxA6XBuN2
- Matthew Green (@matthew_d_green) February 22, 2022
The Samsung phones currently affected are all models released from the Galaxy S8 of 2017 to the Galaxy S21 of last year.
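Why a single key combined with IV reuse is so damaging, shown as an added Python example that is not code from the researchers or from Samsung. It uses a toy SHA-256 counter-mode keystream as a stand-in for a real counter-mode cipher such as AES-GCM (no authentication tag); the function names, the caller-supplied IV and all sample values are constructed assumptions.

```python
import hashlib
import os
from collections import Counter

IV_LEN = 12

def keystream(key: bytes, iv: bytes, n: int) -> bytes:
    # Toy counter-mode keystream built on SHA-256 (stand-in for AES-CTR/GCM).
    blocks = (hashlib.sha256(key + iv + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wrap_caller_iv(wrapping_key: bytes, iv: bytes, secret: bytes) -> bytes:
    # Weak design (assumed for illustration): the caller supplies the IV.
    return iv + xor(secret, keystream(wrapping_key, iv, len(secret)))

def wrap_fresh_iv(wrapping_key: bytes, secret: bytes) -> bytes:
    # Hardened design: the wrapping side draws a new random IV for every blob.
    return wrap_caller_iv(wrapping_key, os.urandom(IV_LEN), secret)

def xor_of_bodies(blob_a: bytes, blob_b: bytes) -> bytes:
    # What anyone holding two stored blobs can compute without the key.
    return xor(blob_a[IV_LEN:], blob_b[IV_LEN:])

def reused_ivs(blobs) -> list:
    # Audit check: IVs that prefix more than one stored blob.
    counts = Counter(blob[:IV_LEN] for blob in blobs)
    return sorted(iv for iv, n in counts.items() if n > 1)

if __name__ == "__main__":
    key = os.urandom(32)                            # constructed single wrapping key
    first, second = os.urandom(32), os.urandom(32)  # constructed key material
    iv = bytes(IV_LEN)                              # constructed IV, used twice
    weak = [wrap_caller_iv(key, iv, first), wrap_caller_iv(key, iv, second)]
    safe = [wrap_fresh_iv(key, first), wrap_fresh_iv(key, second)]
    # Same key and IV: the keystream cancels, exposing first XOR second.
    print("weak leaks plaintext XOR:", xor_of_bodies(*weak) == xor(first, second))
    print("safe leaks plaintext XOR:", xor_of_bodies(*safe) == xor(first, second))
    print("reused IVs (weak):", reused_ivs(weak))
    print("reused IVs (safe):", reused_ivs(safe))
```

The `reused_ivs` check is the kind of test a reviewer can run over stored wrapped blobs: any IV that appears twice under the same wrapping key means the two protected values are no longer independent.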
For more information:
threatpost.com
CVE-2021-25444, CVE-2021-25490