For almost four years, the management of encryption keys in Samsung smartphones was totally flawed. Indeed, security researchers from Tel Aviv University have found major flaws in the implementation of the TrustZone. This secure execution space that is materially distinct from Android serves, among other things, as a cryptographic safe (“Hardware Backed Keystore”), making it possible to generate and manipulate encryption keys for the various Android applications.
Also see video:
With the arrival of the Samsung Galaxy S9 in early 2018, a gross error related to the initialization parameters of the AES-GCM algorithm crept into the implementation of this cryptographic safe. A hacker able to take control of Android could then recover all the encryption keys that had been generated on the device. This flaw was not exploitable in subsequent models S10, S20, and S21, where encryption key management relied on a slightly different process. However, the researchers found a way to downgrade the operation of these devices to the process implemented in the S9. Again, it was therefore possible to access all the encryption keys. Researchers estimate that more than 100 million Samsung devices were vulnerable to such attacks.
Concretely, what is the impact? Such an attack can, for example, undermine the FIDO2/WebAuthn authentication system. To avoid the use of passwords, it relies on authentication modules that will use a private key and a public key. Such a module can be a security key or, as here, a smartphone with a TrustZone. By using the flaw discovered by the researchers, a hacker can recover this private key and thus create clones of this authentication module. Which should never be possible with FIDO2.
This attack also bypasses the “Secure Key Import” feature, which Google uses to securely share certain secret keys of its services with users’ smartphones. This is particularly the case for… Google Pay. A hacker could therefore get his hands on the private keys of this payment service. The good news is that these loopholes have since been closed. The gross error found in the S9 was fixed in August 2021. The ability to downgrade cryptographic operation was removed in October 2021.
Source: Scientific report