The vulnerability lies in how Samsung implemented a portion of the Android Trusted Execution Environment, leading to devices as new as the S21 being vulnerable to initialization vector reuse attacks.
Attention, Samsung Galaxy smartphone owners: There’s a good chance your device is one of the 100 million that a Tel Aviv University research paper said suffer from a serious encryption flaw.
Though Samsung patched the vulnerabilities (yes, there’s more than one) when the researchers reported it in early 2021, they argue that it’s not just about exposing the flaws in a single company’s designs; “it raises the much more general requirement for open and proven standards for critical cryptographic and security designs,” the paper said.
The researchers didn’t stumble upon this error, either: They purposely targeted Samsung devices in an attempt to prove that proprietary, and often undocumented, encryption implementations endanger everyone using a smartphone.
How Samsung breaks its own encryption
Understanding what Samsung has done wrong in its implementation of Android’s cryptographic security requires understanding a bit of how the Android operating system is designed. This gets complicated, and there are a lot of acronyms. Consider yourself warned.
ARM-based Android smartphones, which is pretty much all of them, use a split design that separates the top-level Android OS from TrustZone, a hardware-enforced secure world that hosts a Trusted Execution Environment (TEE). Inside it, an isolated TrustZone Operating System (TZOS) runs and relies on Trusted Applications (TAs) to carry out security-related functions.
In essence, when an Android app needs to do something related to user authentication or anything else related to ensuring device security, Android has to send that request to the TZOS. Here’s the catch, and the particular thing that the researchers were trying to point out: “The implementation of the cryptographic functions within the TZOS is left to the device vendors, who create proprietary undocumented designs,” the paper said.
Vendors like Samsung connect the user-facing Android side (a.k.a., the normal world) with the secure world of the TEE through a hardware abstraction layer that shares data between the Android and TEE worlds via APIs. In the case of Samsung Galaxy devices in the S8, S9, S10, S20 and S21 families, the hardware abstraction layer is managed using an app called the Keymaster TA.
The Keymaster TA keeps its keys in the normal world as key blobs: the key material is encrypted so that it can safely sit in normal-world storage, and only the Keymaster TA can decrypt it (and re-encrypt it when needed).
That encryption uses an initialization vector (IV), essentially a randomized number that serves as the starting value for the cipher operation. IVs are supposed to be generated inside the TEE, random and unique for every blob, because an IV must never be reused with the same key; that is what keeps blobs stored in the normal world unreadable. According to the report, that is not how the aforementioned Samsung devices behave.
The Register pointed out a clarifying Twitter post from Johns Hopkins Associate Professor of Computer Science Matthew Green, who said that what the researchers discovered was that Samsung lets app-layer code (which runs on the normal-world side) pick the IV, which makes it trivial to decrypt the keys.
The end result of apps being able to pick their own IVs is that an attacker can pass an IV of their choosing in the key parameters and force the Keymaster TA to use it in place of a random one. Getting two blobs encrypted under the same key and IV is known as an IV reuse attack, which allows attackers to recover keys, decrypt supposedly secure information and otherwise gain illicit access to an affected device.
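As an added illustration, not code from the paper, from Samsung or from this article, the Go program below models the two designs side by side: a wrap routine that accepts a caller-chosen IV, a corrected one that draws the IV inside the TEE, and the XOR check that shows why two blobs sharing an IV let a known key unmask an unknown one. It assumes AES-GCM as the blob cipher (the article does not name the cipher) and uses a constructed wrapping key and constructed key material.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

var hwKey = bytes.Repeat([]byte{0x42}, 32) // constructed stand-in for the TEE-bound wrapping key
func newGCM() cipher.AEAD {
	block, _ := aes.NewCipher(hwKey) // 32-byte key: NewCipher cannot fail here
	gcm, _ := cipher.NewGCM(block)   // AES block, standard 12-byte nonce: cannot fail
	return gcm
}

// Flawed design: the normal world picks the IV, so two blobs can share one (key, IV) pair.
func wrapVulnerable(iv, keyMaterial []byte) []byte {
	return newGCM().Seal(nil, iv, keyMaterial, nil)
}

// Corrected design: the caller cannot influence the IV; a fresh random nonce is drawn
// inside the TEE for every wrap and handed back to be stored alongside the blob.
func wrapFixed(keyMaterial []byte) (iv, blob []byte) {
	gcm := newGCM()
	iv = make([]byte, gcm.NonceSize())
	if _, err := rand.Read(iv); err != nil {
		panic(err)
	}
	return iv, gcm.Seal(nil, iv, keyMaterial, nil)
}

// Why reuse is fatal: GCM ciphertext is plaintext XOR a keystream derived only from
// (key, IV), so a known plaintext from one blob cancels the keystream out of another.
func xorRecover(knownPlain, knownBlob, targetBlob []byte) []byte {
	out := make([]byte, len(targetBlob)-newGCM().Overhead()) // drop the 16-byte tag
	for i := range out {
		out[i] = knownPlain[i] ^ knownBlob[i] ^ targetBlob[i]
	}
	return out
}

func main() {
	victim := bytes.Repeat([]byte{0xA5}, 32) // constructed key belonging to another app
	known := make([]byte, 32)                // key material the caller imported itself
	iv := []byte("fixed-iv-12b")             // 12-byte IV supplied from the normal world
	got := xorRecover(known, wrapVulnerable(iv, known), wrapVulnerable(iv, victim))
	fmt.Println("caller-chosen IV leaks the other app's key:", bytes.Equal(got, victim))
}
```

With wrapFixed the two blobs never share an IV, so the same XOR yields noise while each blob still unwraps correctly inside the TEE.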
The newer Samsung devices in the S10, S20 and S21 families were designed to resist IV reuse attacks, but the researchers were able to perform a downgrade attack that made the devices resort to vulnerable forms of IV generation that rendered them just as attackable as earlier models.
Additionally, the researchers found that their discovery could also be used to bypass the FIDO2 web authentication method, a passwordless authentication system for websites, by utilizing the downgrade attack they applied to S10, S20, and S21 devices. In short, the attacker can intercept the key generation request from the website, modify it using an IV reuse attack, and then authenticate to the website with the stolen private key.
Patches are available … this time
As mentioned above, Samsung released patches to affected devices in August and October 2021, essentially making this a non-issue for owners of affected devices that keep them updated.
As the researchers said, Samsung isn’t the problem here. It’s simply one company making bad use of non-standardized practices and proprietary code that has become a security black box affecting anyone carrying a smartphone.
Damon Ebanks, VP of marketing at digital identity company Veridium, said that it’s good that Samsung has released updates addressing these bugs, but that’s no reason to understate the seriousness of the threat the researchers uncovered.
“If successful, malicious actors might gain access to the device’s normal world sector and install malware, as well as grant root rights to any programs. In addition, rather than running malware in the Android kernel, the attacker might just run code in the Android user mode,” Ebanks said.