Last Updated on 02/03/2022 by Nidhi Khandelwal
A group of Tel Aviv University scientists has revealed details of now-patched “serious” design defects that might have allowed the extraction of private encryption keys from around 100 million Android-based Samsung handsets.
Researchers Alon Shakevsky, Eyal Ronen, and Avishai Wool discovered the flaws after studying the cryptographic design and implementation of Android’s hardware-backed Keystore in Samsung’s Galaxy S8, S9, S10, S20, and S21 flagship devices.
A TEE (Trusted Execution Environment) is a secure zone that provides an isolated environment for running Trusted Applications (TAs), in order to maintain the confidentiality and integrity of the code and data they handle.
The hardware-backed Keystore on Android is a mechanism that simplifies the generation and storage of cryptographic keys within the TEE, making them more difficult to extract from the device and preventing direct access by the underlying operating system.
Rather than exposing raw key material, the Android Keystore exposes APIs, backed by the Keymaster TA (trusted application), to carry out cryptographic operations within this environment, such as secure key generation, storage, and use for digital signatures and encryption. On Samsung mobile devices, the Keymaster TA runs in an ARM TrustZone-based TEE.
In a nutshell, successful exploitation of the weaknesses in the Keymaster TA could allow unauthorized access to TEE-protected keys and data. The consequences of such an attack could range from an authentication bypass to advanced attacks that undermine the core security guarantees of cryptographic systems built on those keys.
The flaws were fixed by security patches distributed in August and October 2021 for the impacted devices, following responsible disclosure in May and July 2021. The results will be presented at the USENIX Security Symposium later this month.