Man holding Samsung phone with virtual lock showing encryption

100 Million Samsung Phones Shipped With Flawed Encryption; Galaxy S8 to S21 Series Cryptographic Keys “Trivial” To Expose

A recent study demonstrates a “severe” design flaw at the core of the cryptographic key structure of some 100 million Samsung phones, one that essentially “shatters” encryption on these devices.

The impacted phones are in the Samsung Galaxy series, beginning with the S8 (released in 2017) and ranging up to the S21 series released in early 2021. The study claims that the hardware-based cryptographic keys have an encryption process that is “trivial” to decode due to a predictable algorithm, and that it opens the door to attackers not just for theft of keys but for bypass of the fundamental security of the phone.

Samsung phones patched, but vulnerability reaches back years

The good news is that Samsung has issued a set of two patches for the impacted phones, well ahead of a planned presentation of the vulnerability at the upcoming USENIX Security 2022 symposium in August. The patches were apparently sent out in July 2021 after the researchers privately disclosed their findings. The scope of the vulnerability is massive, however, impacting Samsung’s line of flagship phones dating back just over five years.

“Trust Dies in Darkness: Shedding Light on Samsung’s TrustZone Keymaster Design”, published by a team of researchers from Tel Aviv University, details a means by which attackers can access the device’s hardware-based cryptographic keys that not only protect communications but also handle device security protocols (such as the FIDO2 web authentication standard and the data security for mobile payment services such as Samsung Pay). The researchers were additionally able to bypass Google’s Secure Key Import, which allows safe sharing of keys between servers and individual Android devices.

The issue is with the “TrustZone” technology employed in the ARM processor of Samsung phones. The researchers point out that the encryption algorithm is more than adequate, but the phone developers used it in an ineffective way. The impacted Samsung phones essentially make use of a single encryption key, but do not create a new “wrapping” for each new key instance. The code that generates encryption initialization vectors, the first step in the “randomization” process, is also chosen by an app layer that is not in TrustZone’s “secure area.”

This represents a fundamental failure in terms of how encryption is supposed to work. The hardware layer is supposed to be impenetrable in this way even with significant effort, much less through a “trivial” process. This essentially renders Samsung phones in the Galaxy line from 2017 to 2021 completely insecure (Galaxy S8, S9, S10, S20, and S21 phones), at least until they are updated to security patches from July 2021 and beyond. The vulnerability requires an attacker to run code on the target device, something that would generally be done via a malicious link or attachment in a phishing message or email.

It is also necessary for these Samsung phone models to be running Android 9 at minimum for the patches to work. Android 9 was released in mid-2018, after the Galaxy S8 and S9 hit the market. These older phones did have windows in which Samsung allowed them to be updated to both Android 9 and Android 10, but Samsung stopped supporting the S8 as of May 2021.

Secrecy of encryption design at root of the issue

While the fault ultimately lies with the phone designers, the researchers say that they were influenced by the complete secrecy with which manufacturers Samsung and Qualcomm guard the encryption designs of their hardware. Lacking key information, the designers essentially implemented an unsafe workaround to get the phones running.

In the meantime, Samsung phones that are at least on Android 9 and have security updates installed up to August 2021 should no longer be vulnerable. Damon Ebanks, VP Marketing for Veridium, expands on what the user risk would be if the issue is not patched: “It’s important to understand the gravity of the situation because, if the researchers hadn’t uncovered this, Samsung’s users were facing a severe threat. If successful, malicious actors might gain access to the device’s Normal World sector and install malware, as well as grant root rights to any programs. In addition, rather than running malware in the Android kernel, the attacker might just run code in the Android user mode.”

Study claims that the hardware-based cryptographic keys of Samsung Galaxy phones from 2017 to 2021 have an #encryption process that is ‘trivial’ to decode. #cybersecurity #respectdataClick to Tweet

Samsung phones and mobile devices have had a string of security and safety issues in recent years. In June 2021 researchers discovered several vulnerabilities in Samsung’s pre-installed apps. The most significant was the ability to access the permissions of the Samsung Secure Folder app which has expansive rights across the device. This issue also impacted the Galaxy line, but patches were issued for it in April and May 2021. The Galaxy line also required emergency patching in 2020 when it was found that the “Find My Mobile” feature could be exploited by an attacker to force a factory reset. And of course, there was the infamous Note 7 phone that had to be recalled because they were prone to catch fire; Samsung has had sporadic flare-ups of phones overheating since, for example when a Galaxy A21 caught fire on an airplane and forced an evacuation, but not to the point of recalling any other models.