Trust Dies in Darkness - Shedding Light on Samsung's TrustZone Keymaster Design

Explore a critical security analysis of Android's Hardware-Backed Keystore in Samsung Galaxy devices during this Black Hat conference talk. Delve into the reverse-engineered cryptographic design and code structure of flagship models S8 through S21. Uncover severe design flaws, including an IV reuse attack on AES-GCM that compromises hardware-protected key material. Learn about a downgrade attack that exposes even the latest Samsung devices to key extraction vulnerabilities. Witness practical demonstrations of successful key extraction attacks on current models. Gain valuable insights from security researchers Alon Shakevsky, Eyal Ronen, and Avishai Wool as they shed light on the potential risks in Samsung's TrustZone Keymaster implementation.