
Security vulnerability discovered in Samsung Galaxy S8, S9, S10, S20 and S21

Did Samsung ship many of its smartphones with inadequate encryption? Some IT security researchers have now made this accusation in a scientific paper. Millions of devices in the Galaxy S8, Galaxy S9, Galaxy S10, Galaxy S20 and Galaxy S21 series are apparently affected.

Cryptographic design and code affected

The scientific paper was published by three security experts from Tel-Aviv University, and it levels serious accusations against the South Korean tech company. Through reverse engineering, the researchers, Eyal Ronen, Avishai Wool and Alon Shakevsky, worked out that the affected devices are said to have two Achilles heels. In addition to security flaws in the code structure, the cryptographic design, that is, the encryption of important data, is also said to lack reliability.

Vulnerabilities due to incorrect implementation

To understand the cause of the problem, one must first consider how Android smartphones are designed in this area. According to an article by The Register, they use a so-called "trusted execution environment". Its basic idea is to keep security-relevant content separate from conventional apps and programs. This sealed-off space does not run Google's in-house operating system either; it uses an OS of its own. Which software serves as its basis, and how, is up to Samsung and every other smartphone manufacturer. One possibility is the so-called Android Keystore.

The keystore is used in particular to manage cryptographic keys. If Android needs a certain key to perform an action, it can request it from the keystore. The API provided for this is implemented by the operating system as a "trusted application", primarily for security reasons: ultimately, only sufficiently encrypted keys should reach the conventional applications, while the sensitive data stays in the trusted application. This is exactly where the now-known problem with millions of Samsung smartphones lies. Samsung has quite obviously implemented its keystore, or the elements associated with it, incorrectly in the affected devices.

Around 100 million smartphones affected

According to the security researchers, not only the tech company's older models are affected. In addition to older flagships such as the Galaxy S8, S9 and S10, the relatively current S20 and S21 generations are also said to be affected. The numbers paint a bad picture: according to the experts, almost 100 million devices are affected. But what consequences do owners of an affected device have to fear now? The problem with the incorrect implementation is that the encryption is sometimes inadequate.

The reason for this is that the security software sometimes produces identical results when encrypting data. As a result, the encryption becomes predictable and loses security. Cybercriminals will find this a feast for their eyes. Since Samsung has probably known about the problem since May last year, the company has already responded with security updates. These have not yet eliminated the entire problem, but we assume that the company will continue to work on closing the remaining security gaps.
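
Why identical encryption results matter, as an added example (not code from the article, the researchers or Samsung): a toy cipher built from HMAC-SHA256 stands in for the real one, and an audit function counts the repeats that become visible without the key. The fixed-versus-random nonce is an assumption about how repeated output can arise, which the article does not detail; the key, the secrets and all function names are constructed.

```python
import hashlib
import hmac
import os
from collections import Counter

NONCE_LEN = 12


def keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode: a stdlib stand-in for a real cipher."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key, nonce, plaintext):
    """Return nonce || ciphertext so each blob carries its own nonce."""
    ks = keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def make_blobs(key, secrets, fixed_nonce):
    """Encrypt every secret with either one fixed nonce or a fresh random one."""
    return [
        encrypt(key, bytes(NONCE_LEN) if fixed_nonce else os.urandom(NONCE_LEN), s)
        for s in secrets
    ]


def audit(blobs):
    """Count repeats an observer can see without knowing the key."""
    nonces = Counter(b[:NONCE_LEN] for b in blobs)
    whole = Counter(blobs)
    return {
        "reused_nonces": sum(n - 1 for n in nonces.values()),
        "identical_blobs": sum(n - 1 for n in whole.values()),
    }


# Constructed sample data: the first and third secrets are equal.
KEY = hashlib.sha256(b"constructed demo key").digest()
SECRETS = [b"wrapped-key-A", b"wrapped-key-B", b"wrapped-key-A"]

if __name__ == "__main__":
    print("fixed nonce :", audit(make_blobs(KEY, SECRETS, fixed_nonce=True)))
    print("random nonce:", audit(make_blobs(KEY, SECRETS, fixed_nonce=False)))
```

With the fixed nonce, the two equal secrets produce byte-identical blobs, so anyone holding the stored blobs learns which ones hide the same value; with a fresh nonce per encryption the audit finds no repeats.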

Simon Lüthje

I am co-founder of this blog and am very interested in everything that has to do with technology, but I also like to play games. I was born in Hamburg, but now I live in Bad Segeberg.
