Recently, researchers at Tel Aviv University found "serious" design flaws in the data encryption of Samsung mobile phones that may allow attackers to steal the hardware encryption keys of Samsung phones and extract the most sensitive data from Samsung smartphones.
More importantly, attackers can even use Samsung's encryption vulnerabilities (three CVE numbers have been assigned) to downgrade the security protocol of a device. This leaves Samsung phones vulnerable to an attack known as IV (Initialization Vector) reuse. An IV reuse attack defeats the randomization in encryption that is supposed to ensure that when the same plaintext is encrypted several times, the resulting ciphertexts differ.
Trust lost in the dark:
An untrustworthy implementation of TrustZone
In a paper by Alon Shakevsky, Eyal Ronen and Avishai Wool entitled "Trust Dies in Darkness: Shedding Light on Samsung's TrustZone Keymaster Design" (linked at the end of this article), the researchers explain that the data controlled by today's smartphones includes sensitive information, images and files; cryptographic key management; FIDO2 web authentication; digital rights management (DRM) data; mobile payment service data such as Samsung Pay; and enterprise identity management.
The authors will present these vulnerabilities in detail at the upcoming USENIX Security Symposium in August 2022.
The TrustZone Keymaster design flaw mainly affects devices that use TrustZone technology on the ARM architecture: ARM-based Android smartphones (the majority) rely on it for hardware support of a Trusted Execution Environment (TEE) that implements security functions.
TrustZone divides the phone into two worlds: the Normal World, which runs routine tasks such as the Android operating system, and the Secure World, which handles the security subsystem and all sensitive resources. Only trusted applications with security-sensitive functions (including cryptography) can access the Secure World.
Matthew Green, an associate professor of computer science at the Johns Hopkins Information Security Institute, explained on Twitter that there was a "serious flaw" in the way Samsung's TrustZone encrypted key material, calling it "very bad".
"They use a key and allow the IV to be reused," Green said.
"So they could derive different wrapping keys for each protected key," he continued. "But Samsung didn't do it. They allow application-layer code to choose the encryption IV." This design decision means the wrapped keys can be "simply decrypted".
Paul Ducklin, principal research scientist at Sophos, accused Samsung's coders of committing a "major cryptographic crime": in other words, "they failed to use the encryption algorithm (AES-GCM) correctly," he explained to Threatpost by email on Thursday.
Simply put, AES-GCM requires a fresh random number for every encryption operation. This is not merely a 'nice to have' feature but a mandatory requirement of the algorithm: a requirement, not a recommendation. Ducklin stressed: "This randomness is called a 'nonce', short for 'number used once', and every cryptographic programmer should treat it as an *imperative*, not just a noun."
Unfortunately, Ducklin explained, Samsung's supposedly secure cryptographic code did not enforce this requirement. In fact, it allowed applications running outside the secure cryptographic hardware not only to influence the nonces used inside it, but to choose them precisely and maliciously, and to repeat them as often as the application author wished.
By exploiting this weakness, the researchers accomplished a task that was "considered impossible, or as close to impossible as possible": extracting encrypted information from the secure hardware.
The flaws bypass security standards
These vulnerabilities not only allow criminals to steal encryption keys stored on Samsung devices, but also allow attackers to bypass security standards such as FIDO2.
According to The Register, by May 2021, when the researchers disclosed these vulnerabilities to Samsung, nearly 100 million Samsung Galaxy phones were affected.
Samsung responded to the disclosure by releasing a patch for the affected devices that fixed the IV reuse vulnerability CVE-2021-25444 in the Keymaster Trusted Application (TA) running in TrustZone. The Keymaster TA performs cryptographic operations in the Secure World using hardware (including a crypto engine). The Keymaster TA stores keys as blobs, which are keys "wrapped" (encrypted) with AES-GCM. The vulnerability allowed decryption of custom key blobs.
Then, in July 2021, the researchers disclosed a downgrade attack that allowed attackers to trigger the IV reuse vulnerability from a privileged process. Samsung released another patch, CVE-2021-25490, which removes the legacy blob implementation from devices including the Samsung Galaxy S10, S20 and S21.
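As an added illustration of Ducklin's nonce point and of the key-blob wrapping described above (this is example code written here, not code from the paper or from Samsung's Keymaster), the Go program below models the two wrapping APIs: one where the calling application supplies the IV, as in the legacy blob design, and one where the nonce is generated inside the wrapping routine. The hardware key and application keys are constructed stand-ins; `keystreamCancels` shows the consequence of reusing a key and IV with AES-GCM, namely that the XOR of two blobs equals the XOR of the two wrapped keys.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
)

const gcmNonceSize = 12 // standard 96-bit GCM nonce

// wrapWithCallerIV models the flawed legacy blob API: Normal World code picks
// the IV under which a key is wrapped (AES-GCM) with the hardware key.
func wrapWithCallerIV(hwKey, iv, keyToWrap []byte) ([]byte, error) {
	block, err := aes.NewCipher(hwKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Seal(nil, iv, keyToWrap, nil), nil
}

// wrapWithFreshIV is the corrected pattern: the nonce is drawn from the CSPRNG
// inside the wrapping routine, so no caller can make two wraps share an IV.
func wrapWithFreshIV(hwKey, keyToWrap []byte) (iv, blob []byte, err error) {
	iv = make([]byte, gcmNonceSize)
	if _, err = rand.Read(iv); err != nil {
		return nil, nil, err
	}
	blob, err = wrapWithCallerIV(hwKey, iv, keyToWrap)
	return iv, blob, err
}

// keystreamCancels reports whether two equal-length keys wrapped under the same
// hardware key and IV yield blobs whose XOR equals the XOR of the keys (GCM
// keystream reuse): a known wrapped key then exposes the other.
func keystreamCancels(hwKey, iv, k1, k2 []byte) bool {
	b1, err1 := wrapWithCallerIV(hwKey, iv, k1)
	b2, err2 := wrapWithCallerIV(hwKey, iv, k2)
	if err1 != nil || err2 != nil || len(k1) != len(k2) {
		return false
	}
	for i := range k1 {
		if b1[i]^b2[i] != k1[i]^k2[i] {
			return false
		}
	}
	return true
}
```

The block is exercised through `go test`; with a reused key and IV the check returns true, while two calls to `wrapWithFreshIV` for the same key produce different nonces and different blobs.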
Paper link:
https://eprint.iacr.org/2022/208.pdf