Samsung Hit By Flawed Hardware Encryption Over 100 million Samsung Galaxy Phones Affected.

Samsung Hit By Flawed Hardware Encryption Over 100 million Samsung Galaxy Phones Affected.

A group of scholars from a University of Israel have detailed the almost ‘fatal’ design flaws affecting about 100 million Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys. The said flaws have since been fixed.

Researchers investigating the cause of the flaws believe that they resulted from cryptographic design and implementation of Android’s hardware-backed Keystore. A number of Galaxy brands like the S8, S9, S10, S20 and S21 flagship devices were affected by the flaws.

To gauge the vulnerability of software/applications used in these devices, these are tested in Trusted Execution Environments (TEEs) which are ‘closed areas’ making available a secluded space. Here, security-related critical operations are checked to ensure confidentiality and integrity of Trusted Applications (TAs).

Together with TEE, Keystore is a hardware-supported system in Android devices, that enables the construction and storage of encryption codes (keys) inside the parameters of TEE, which makes it harder to pick and copied from the device so that the primary operating system is prevented from having straight contact. Rather, the Android Keystore allows connection of Application Programming Interfaces with outside servers in the form of Keymaster TAs to execute within the domain, all cryptographic processes; including protected key creation, their embedding and handling for digital endorsements and encryption.

In Samsung mobile devices, the Keymaster TA runs in a TEE under using ARM TrustZone Technology. But the safety flaws detected in these devices show that an attacker, with fundamental read and write entitlements, can effectively get through to the secure element to have access to the hardwareprotected private keys.

The detected issues are listed below :

In view of security researchers’ responsible disclosure communicated in May and July of last year, appropriate updates for affected devices were issued accordingly. The detailed report of the flaws will be shared this August at USENIX’s symposium on security.

According to the researchers, manufacturers such as Samsung and Qualcomm keep their designs and implementation procedures related to operating systems and TAs strictly confidential. They are of the opinion that such details should go through stringent audit and review process to be carried out by independent researchers and should not follow the hard route of dismantling and revamping of the proprietary systems.