Samsung has shipped around 100 million smartphones with faulty or weak encryption
Samsung makes a big thing of including Knox security on its smartphones; it even has a dedicated website to the platform. Supposedly, Samsung builds every Knox device 'from the hardware chip up to isolate, encrypt, and secure your data'. However, a recent paper from security researchers at Tel-Aviv University suggests that Samsung's security platform may not be as secure as it claims. In fact, Samsung may have shipped up to 100 million smartphones with faulty or weak encryption.
As The Register reports, Android smartphones rely on a Trusted Execution Environment (TEE) that isolates security functionality from regular apps. Additionally, TEEs operate on TrustZone (TZOS), a dedicated operating system away from Android. Individual vendors implement TZOS' cryptographic functions, such as Samsung, Sony and Xiaomi.
In the paper, the researchers explain that Samsung failed to properly implement a Trusted Application that stores cryptographic keys in TZOS. For reference, Samsung uses Keymaster TA to handle cryptographic operations, which talks to Android Keystore's Keymaster Hardware Abstraction Layer (HAL). Keymaster TA stores cryptographic keys as blobs that it encrypts using AES-GCM.
Theoretically, these keys should only be readable within the TEE. Unfortunately for Samsung, the researchers reversed engineered Keymaster TA and demonstrated that they could the keys using an Initialization Vector (IV) reuse attack. According to the researchers, Samsung flagship Galaxy S smartphones from the Galaxy S8 onwards are affected, including last year's Galaxy S21 series.
The researchers add that Samsung's weak encryption allowed them to bypass Google Secure Key Import and FIDO2-WebAuthn. In short, the bypass allowed them authentication on a website protected by the Android StrongKey application. Apparently, Samsung has already responded to the researcher's work with security patches, having been informed about the issues as early as May 2021.