Newsletter
Researchers at Israel’s Tel Aviv University have uncovered a serious security flaw with Samsung smartphones ranging from the Galaxy S8 in 2017 to last year’s Galaxy S21. This is part of a paper titled “Trust Dies in Darkness: Shedding Light on Samsung’s TrustZone Keymaster Design” by academics Alon Shakevsky, Eyal Ronen, and Avishai Wool. The group will provide a detailed presentation of the vulnerabilities at the upcoming ‘USENIX Security, 2022’ symposium.
These security flaws allow cybercriminals to steal cryptographic keys stored on the device. It also lets attackers bypass security standards like FIDO2. The researchers classified these security issues as “severe,” possibly impacting nearly 100 million Samsung Galaxy devices (via The Register).
Researchers demonstrated how the attackers could potentially fetch hardware-backed cryptographic keys from Samsung phones. Further, cybercriminals could even downgrade the security protocols of a device, thus making it more vulnerable to future attacks. This is a practice known as (initialization vector) IV reuse attacks.
The issue primarily impacts devices that leverage chipmaker Arm’s TrustZone technology. TrustZone effectively splits a device into two portions referred to as the Normal World and the Secure World. The Normal World is the area of the device which runs the regular tasks, such as the Android operating system. The Secure World, on the other hand, manages the security apparatus and is hence only accessible to Trusted Applications. These are apps or services that the manufacturer uses for device security and encryption.
Researchers reached out to Samsung about these vulnerabilities in August last year
Meanwhile, the Android Keystore system offers a robust key management system through the Keymaster Hardware Abstraction Layer or HAL. This exists inside Secure World within the TrustZone and can block outside access to its processes. Cryptographic keys within this system use the AES-GCM encryption standard for protection. This standard protects items by leveraging the same key and works only when the IVs aren’t reused.
However, as ITPro points out, Samsung’s version of Keystore has a serious flaw, allowing attackers to steal the cryptographic keys only by knowing the contents of one plaintext sample. Researchers showed how Samsung devices are susceptible to the IV reuse attack by letting cybercriminals attach IVs as a portion of the key parameters.
If successfully infiltrated, the attackers could get into the Normal World section of the device and allow malware to run rampant. It can even grant root privileges to apps of its choosing. And instead of running code within the Android kernel, the attacker could simply execute code within the Android user mode.
One of the earlier IV reuse attacks has been termed as “CVE-2021-25444,” with the researchers giving it a “high” severity rating. Thankfully, Samsung fixed this vulnerability in August 2021. It’s also worth noting that the downgrade attack that left newer Samsung phones like the Galaxy S20 and the Galaxy S21 vulnerable to an IV reuse attack is no longer a concern. Samsung fixed this in October 2021.
The good news is that the research team approached Samsung last August with the details of these vulnerabilities. The company then published these flaws to the Common Vulnerabilities and Exposures (CVE) register.