all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Samsung Encryption Flaw

Add to bookmarks
March 4, 2022, 12:19 p.m. | Bruce Schneier

Security Boulevard securityboulevard.com

Researchers have found a major encryption flaw in 100 million Samsung Galaxy phones.


From the abstract:



In this work, we expose the cryptographic design and implementation of Android’s Hardware-Backed Keystore in Samsung’s Galaxy S8, S9, S10, S20, and S21 flagship devices. We reversed-engineered and provide a detailed description of the cryptographic design and code structure, and we unveil severe design flaws. We present an IV reuse attack on AES-GCM that allows an attacker to extract hardware-protected key material, and a …

academic papers android cryptanalysis cryptography encryption endpoint flaw mobile security samsung smartphones vulnerabilities

Visit resource

More from securityboulevard.com / Security Boulevard

Understanding Cybersecurity Vulnerabilities an hour ago | securityboulevard.com
advice attacks can cybersecurity +12
Bridging the Gap: Uniting Development and AppSec 2 hours ago | securityboulevard.com
application security appsec aspm bridging the gap +20
USENIX Security ’23 – Union Under Duress: Understanding Hazards of Duplicate Resource Mismediation in Android … 3 hours ago | securityboulevard.com
access android authors conference +20
Agile by Design: Cybersecurity at the Heart of Transformation 5 hours ago | securityboulevard.com
agile blog business can +25
Cybersecurity Insights with Contrast CISO David Lindner | 4/26/24 5 hours ago | securityboulevard.com
ai analytics & intelligence artificial intelligence audio +26
Segregation of Duties Remediation in Oracle ERP Cloud 5 hours ago | securityboulevard.com
actions articles cloud digital +14
Fix SPF Permerror: Overcome SPF Too Many DNS Lookups Limit 6 hours ago | securityboulevard.com
authentication cybersecurity deliverability dns +6
Announcing the General Availability of TitaniumScale v5.0: Enhancing File Analysis for Advanced Threat Detection 6 hours ago | securityboulevard.com
advanced advanced threat advanced threat detection analysis +23
The ultimate cyber spring-cleaning checklist 7 hours ago | securityboulevard.com
can checklist cleaning cyber +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Architect - Hardware

@ Intel | IND - Bengaluru
View on infosec-jobs.com

Elastic Consultant

@ Elastic | Spain
View on infosec-jobs.com

OT Cybersecurity Specialist

@ Emerson | Abu Dhabi, United Arab Emirates
View on infosec-jobs.com

Security Operations Program Manager

@ Kaseya | Miami, Florida, United States
View on infosec-jobs.com

Senior Security Operations Engineer

@ Revinate | Vancouver
View on infosec-jobs.com
View more jobs