
Samsung has shipped around 100 million smartphones with faulty or weak encryption

The Galaxy S21 Ultra is reputed to be one of the affected devices. (Image source: Denis Cherkashin)
Reportedly, Samsung has sent out tens of millions of smartphones with weak or faulty encryption. Estimates for the number of affected smartphones could reach 100 million and include all Galaxy S smartphones from the Galaxy S8 onwards. Samsung was made aware of the security issues nearly a year ago.

Samsung makes a big thing of including Knox security on its smartphones; it even has a dedicated website for the platform. Supposedly, Samsung builds every Knox device 'from the hardware chip up to isolate, encrypt, and secure your data'. However, a recent paper from security researchers at Tel-Aviv University suggests that Samsung's security platform may not be as secure as it claims. In fact, Samsung may have shipped up to 100 million smartphones with faulty or weak encryption.

As The Register reports, Android smartphones rely on a Trusted Execution Environment (TEE) that isolates security functionality from regular apps. The TEE runs on TrustZone with its own dedicated operating system (TZOS), separate from Android, and individual vendors such as Samsung, Sony and Xiaomi implement the cryptographic functions of their TZOS themselves.

In the paper, the researchers explain that Samsung failed to properly implement a Trusted Application that stores cryptographic keys in TZOS. For reference, Samsung uses Keymaster TA to handle cryptographic operations, which talks to Android Keystore's Keymaster Hardware Abstraction Layer (HAL). Keymaster TA stores cryptographic keys as blobs that it encrypts using AES-GCM.

Theoretically, these keys should only be readable within the TEE. Unfortunately for Samsung, the researchers reverse engineered Keymaster TA and demonstrated that they could extract the keys using an Initialization Vector (IV) reuse attack. According to the researchers, Samsung flagship Galaxy S smartphones from the Galaxy S8 onwards are affected, including last year's Galaxy S21 series.
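To show why the IV reuse described above is fatal for AES-GCM-wrapped key blobs, here is an added Go example; it is not code from the paper, Samsung or Android. The `Blob` layout, the caller-chosen-IV `wrap` routine, its corrected random-IV counterpart `wrapFresh` and the `keystreamLeak` check are all constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
)

// Blob models a Keymaster-style key blob (constructed layout, not Samsung's):
// the IV plus AES-GCM-wrapped key material with the 16-byte tag appended.
type Blob struct{ IV, Ciphertext []byte }

// wrap is the weak pattern: the caller chooses the IV, so nothing prevents
// two blobs from being wrapped under the same wrapping key and IV.
func wrap(wrapKey, iv, keyMaterial []byte) (Blob, error) {
	block, err := aes.NewCipher(wrapKey)
	if err != nil {
		return Blob{}, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return Blob{}, err
	}
	return Blob{IV: iv, Ciphertext: gcm.Seal(nil, iv, keyMaterial, nil)}, nil
}

// wrapFresh is the corrected pattern: a random 96-bit IV is drawn inside the
// wrapping routine for every blob and is never supplied by the caller.
func wrapFresh(wrapKey, keyMaterial []byte) (Blob, error) {
	iv := make([]byte, 12)
	if _, err := rand.Read(iv); err != nil {
		return Blob{}, err
	}
	return wrap(wrapKey, iv, keyMaterial)
}

// keystreamLeak reports whether two blobs expose the XOR of their plaintexts.
// GCM encrypts with a CTR keystream derived from key and IV, so a reused IV
// gives c1 XOR c2 == p1 XOR p2: knowing one blob's key then reveals the other's.
func keystreamLeak(b1, b2 Blob, p1, p2 []byte) bool {
	for i := range p1 {
		if b1.Ciphertext[i]^b2.Ciphertext[i] != p1[i]^p2[i] {
			return false
		}
	}
	return true
}
```

A store of blobs that all carry the same IV under one wrapping key is exactly the condition `keystreamLeak` flags; with `wrapFresh` the relation never holds.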

The researchers add that Samsung's weak encryption allowed them to bypass Google Secure Key Import and FIDO2-WebAuthn. In short, the bypass allowed them to authenticate on a website protected by the Android StrongKey application. Apparently, Samsung has already responded to the researchers' work with security patches, having been informed about the issues as early as May 2021.

Alex Alderson, 2022-03-02 (Update: 2022-03-02)