100 million Samsung Galaxy devices vulnerable to cryptographic key hack

The Android Keystore provides hardware-backed cryptographic key management via the Keymaster Hardware Abstraction Layer (HAL) and this is implemented in the Secure World of the TrustZone, where processes are not supposed to be accessed from the outside.

Cryptographic keys are protected here using the AES-GCM encryption standard, but Samsung’s implementation of Keystore, which allows keys to be retrieved and stored (while wrapped by an encrypted layer) from the Secure World by apps operating in the Normal World, is flawed.

This allows an attacker to predictably obtain the cryptographic keys if they know the contents of one plaintext sample encrypted using AES-GCM. The encryption standard protects items using the same key and relies on unique initialization vectors (IVs) never being reused.

The researchers were able to show how Samsung devices were vulnerable to the IV reuse attack, allowing attackers to assign IVs as part of the key parameters.

In approaching the research, the academics assumed an attacker could fully compromise the Normal World through mechanisms such as malware granting root privileges. The attacker would not need to be able to run code in the Android kernel, just be able to execute code in the Android user mode.

The researchers disclosed their findings to Samsung in August 2021 and the manufacturer addressed the issues by publishing the flaws to the Common Vulnerabilities and Exposures (CVE) register.

The initial IV reuse attack is tracked as CVE-2021-25444 with a ‘high’ severity rating, and patched in August 2021.

The downgrade attack which allowed newer devices, such as the Samsung Galaxy S20 and S21, to become vulnerable to the IV reuse attack, was patched in October 2021 after its CVE (CVE-2021-25490) addressed the issue for all devices running Android 9 or later.

Although Samsung's latest Galaxy S22 devices are also based on ARM architecture, they will not ship with OS versions before Android 9 as standard and as such will theoretically not be vulnerable to the researcher's attack.

"Samsung takes the security of Galaxy devices seriously. We are constantly looking for ways to enhance the security of our products and welcome any input from research communities," the company told IT Pro.

"The reported issue was acknowledged and has been addressed through security updates since August 2021. We recommend our users to keep their devices updated with the latest software to enjoy safe and convenient Galaxy mobile experiences."

Building data-driven government with the Microsoft Power Platform

How to break down data silos and reap valuable data insights

Improve security and compliance

Adopting an effective security and compliance risk management approach

Taking the lead on IT automation

IT leaders as evangelists for their automation strategies

The best defence against ransomware

How ransomware is evolving and how to defend against it