Researchers at Tel Aviv University have discovered "serious" design flaws in the encryption of Samsung smartphones, which allow intruders to obtain the device's cryptographic keys.
Additionally, attackers could exploit Samsung's cryptographic flaws — there are many CVEs — to degrade the protocols security one devices. This of course makes phones vulnerable to attacks, specifically a practice known as IV (initialization vector) reuse attacks.
The design flaws primarily affect devices using ARM's TrustZone technology. TrustZone divides a phone into two parts, the Normal world (for running regular tasks like Android OS) and the Secure world, which handles the subsystem security and where all sensitive resources are located. Secure world is only accessible to trusted apps used for security-sensitive functions such as encryption.
Matthew Green, an associate professor of computer science at the Johns Hopkins Institute for Information Security, said on Twitter that Samsung had incorporated "serious flaws" in the way its phones encrypt key hardware in TrustZone.
Ugh god. Serious flaws in the way Samsung phones encrypt key material in TrustZone and it's embarrassingly bad. They used a single key and allowed IV re-use. https://t.co/XteB3kc8cH pic.twitter.com/4wxA6XBuN2
- Matthew Green (@matthew_d_green) February 22, 2022
Samsung phones at stake right now are all the models that were released from the Galaxy S8 of 2017 to the Galaxy S21 of last year.
For more information:
threatpost.com
CVE-2021-25444, CVE-2021-25490