100 million Samsung Galaxy devices vulnerable to cryptographic key hack
Widespread flaws in hardware-backed key management could enable hackers to bypass FIDO2 authentication


Researchers have found “severe” security flaws in a long line of flagship smartphones made by Samsung whereby attackers can lift cryptographic keys.
Potentially affecting around 100 million Samsung devices including the Galaxy S21, Galaxy S20, and others dating back to the Galaxy S8, attackers can remotely lift cryptographic keys to bypass security authentication standards such as FIDO2.
Real-world applications of the vulnerabilities could see attackers extracting keys used for secure payments such as those made through Google Pay, and bypassing FIDO2 authentication which is often used in place of account passwords.
The researchers from Tel-Aviv University demonstrated how two feasible real-world attacks can be performed on even the latest Samsung devices. Said attacks allowed the researchers to extract cryptographic keys from hardware-protected elements of the device, and downgrade devices so that they’re vulnerable to these attacks, known as IV reuse attacks.
They explained how ARM devices use TrustZone technology which essentially splits a device into two parts: the ‘Normal World’ where normal applications on an operating system (OS) like Android can run; and the ‘Secure World’ which is essentially an isolated environment in which only trusted applications, like those critical to device security, are supposedly able to run.
The Android Keystore provides hardware-backed cryptographic key management via the Keymaster Hardware Abstraction Layer (HAL) and this is implemented in the Secure World of the TrustZone, where processes are not supposed to be accessed from the outside.
Cryptographic keys are protected here using the AES-GCM encryption standard, but Samsung’s implementation of Keystore, which lets apps operating in the Normal World store and retrieve keys from the Secure World (while wrapped by an encrypted layer), is flawed.
This allows an attacker to predictably obtain the cryptographic keys if they know the contents of one plaintext sample encrypted using AES-GCM. The encryption standard protects many items under the same key and relies on each initialization vector (IV) being unique and never reused.
The researchers were able to show that Samsung devices were vulnerable to the IV reuse attack because attackers could assign IVs as part of the key parameters.
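Why a caller-chosen IV breaks this kind of key wrapping, shown as an added example that is not code from the researchers or from Samsung. It assumes a SHA-256 counter keystream as a stand-in for the AES-CTR keystream inside GCM (the authentication tag is omitted), and every name and value in it is constructed for illustration.

```python
import hashlib
import os

WRAP_KEY = os.urandom(32)  # constructed stand-in for the device-bound wrapping key

def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    # Stand-in for the AES-CTR keystream inside GCM: it depends only on (key, iv).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + iv + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wrap_caller_iv(material: bytes, iv: bytes):
    """Flawed design: the Normal World caller picks the IV."""
    return iv, xor(material, _keystream(WRAP_KEY, iv, len(material)))

def wrap_fresh_iv(material: bytes, caller_iv: bytes = b""):
    """Hardened design: caller_iv is ignored; a fresh random IV is drawn per blob."""
    iv = os.urandom(12)
    return iv, xor(material, _keystream(WRAP_KEY, iv, len(material)))

def recover_with_known_plaintext(known_pt, known_ct, target_ct):
    # Same key and IV means the same keystream, so ct1 ^ ct2 == pt1 ^ pt2.
    return xor(xor(known_ct, target_ct), known_pt)

def find_reused_ivs(blobs):
    """Defensive audit: IVs that appear on more than one wrapped blob."""
    seen, reused = set(), set()
    for iv, _ in blobs:
        (reused if iv in seen else seen).add(iv)
    return reused

def demo():
    secret = os.urandom(32)   # constructed: key material that should stay hidden
    known = b"A" * 32         # constructed: material the caller already knows
    iv = b"\x00" * 12         # IV requested by the caller
    weak = [wrap_caller_iv(secret, iv), wrap_caller_iv(known, iv)]
    leaked = recover_with_known_plaintext(known, weak[1][1], weak[0][1]) == secret
    strong = [wrap_fresh_iv(secret, iv), wrap_fresh_iv(known, iv)]
    safe = recover_with_known_plaintext(known, strong[1][1], strong[0][1]) != secret
    return leaked, safe, find_reused_ivs(weak), find_reused_ivs(strong)
```

The wrapping key never leaves `_keystream`; the protected material leaks only because two blobs share an IV, which is why the IV has to be generated by the wrapping side rather than accepted from the caller.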
In approaching the research, the academics assumed an attacker could fully compromise the Normal World through mechanisms such as malware granting root privileges. The attacker would not need to be able to run code in the Android kernel, just be able to execute code in the Android user mode.
The researchers disclosed their findings to Samsung in August 2021 and the manufacturer addressed the issues by publishing the flaws to the Common Vulnerabilities and Exposures (CVE) register.
The initial IV reuse attack is tracked as CVE-2021-25444 with a ‘high’ severity rating, and patched in August 2021.
The downgrade attack, which allowed newer devices such as the Samsung Galaxy S20 and S21 to become vulnerable to the IV reuse attack, is tracked as CVE-2021-25490 and was patched in October 2021 for all devices running Android 9 or later.
Although Samsung's latest Galaxy S22 devices are also based on ARM architecture, they will not ship with OS versions before Android 9 as standard and as such will theoretically not be vulnerable to the researchers' attack.
"Samsung takes the security of Galaxy devices seriously. We are constantly looking for ways to enhance the security of our products and welcome any input from research communities," the company told IT Pro.
"The reported issue was acknowledged and has been addressed through security updates since August 2021. We recommend our users to keep their devices updated with the latest software to enjoy safe and convenient Galaxy mobile experiences."

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.