all InfoSec news
Samsung Encryption Flaw
Security Boulevard securityboulevard.com
Researchers have found a major encryption flaw in 100 million Samsung Galaxy phones.
From the abstract:
In this work, we expose the cryptographic design and implementation of Android’s Hardware-Backed Keystore in Samsung’s Galaxy S8, S9, S10, S20, and S21 flagship devices. We reversed-engineered and provide a detailed description of the cryptographic design and code structure, and we unveil severe design flaws. We present an IV reuse attack on AES-GCM that allows an attacker to extract hardware-protected key material, and a …
academic papers android cryptanalysis cryptography encryption endpoint flaw mobile security samsung smartphones vulnerabilities