Breaking Samsung's Root of Trust: Exploiting Samsung S10 Secure Boot

Conference: Black Hat USA 2020



The presentation covers the vulnerabilities the team found in Samsung phones and the steps taken to exploit them.
  • The vulnerabilities allow arbitrary code execution inside S-Boot, Samsung's secure bootloader
  • The team found more than 10 vulnerabilities in 2019 and further ones in 2020
  • No single vulnerability exposes protected data on its own; several have to be chained to retrieve it
The team found a vulnerability in the Gatekeeper trustlet (the TrustZone component that verifies the lock-screen credential and throttles failed attempts) that let them brute-force the screen passcode. Combined with another vulnerability, this allowed them to unlock the phone and access sensitive data.
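As an added illustration (not code from the talk, and not Samsung's implementation), the following Python models a Gatekeeper-style credential check: the PIN is compared against a salted PBKDF2 digest, and a failure record kept by the trustlet enforces an escalating lockout. The throttle schedule, the PBKDF2 parameters and the `reset_failure_record` flag, which stands in for an attacker able to wipe the failure record, are assumptions; Android's Gatekeeper uses a similar escalating schedule, but the real values and Samsung's code are not described on this page. Running the 4-digit brute force with and without the throttle shows why a bug that defeats the throttle is what turns "brute force the passcode" into a practical attack.

```python
"""Illustrative model of a Gatekeeper-style lock-screen credential check.

Added example, not Samsung's code: the throttle schedule, PBKDF2 parameters
and the failure-record reset are assumptions chosen to make the point.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass

# Assumption: a deliberately low iteration count so the simulation runs in
# seconds. Real implementations bind the check to a hardware key and/or use
# far more work per attempt.
PBKDF2_ITERATIONS = 500


def throttle_seconds(failures: int) -> int:
    """Lockout imposed after the given number of consecutive failures.

    Assumed escalating schedule in the spirit of Android's Gatekeeper:
    no throttle for the first few attempts, then growing waits.
    """
    if failures < 5:
        return 0
    if failures < 10:
        return 30
    if failures < 20:
        return 60
    if failures < 30:
        return 300
    return 600


class LogicalClock:
    """Simulated time so the lockouts can be waited out instantly."""

    def __init__(self) -> None:
        self.now = 0

    def __call__(self) -> int:
        return self.now

    def advance_to(self, t: int) -> None:
        self.now = max(self.now, t)


@dataclass
class FailureRecord:
    """State the TEE keeps in secure storage between attempts."""
    failures: int = 0
    locked_until: int = 0


class Gatekeeper:
    """Verifies a PIN and enforces the throttle; models the trustlet side."""

    def __init__(self, pin: str, clock: LogicalClock) -> None:
        self.clock = clock
        self.salt = os.urandom(16)
        self.digest = self._derive(pin)
        self.record = FailureRecord()

    def _derive(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self.salt, PBKDF2_ITERATIONS)

    def verify(self, attempt: str) -> str:
        """Return 'throttled', 'wrong' or 'ok'."""
        now = self.clock()
        if now < self.record.locked_until:
            return "throttled"  # the attempt is not even checked
        if hmac.compare_digest(self._derive(attempt), self.digest):
            self.record = FailureRecord()  # success clears the record
            return "ok"
        self.record.failures += 1
        self.record.locked_until = now + throttle_seconds(self.record.failures)
        return "wrong"


def simulate(pin: str, reset_failure_record: bool = False):
    """Brute-force a 4-digit PIN; return (pin_found, attempts, elapsed_seconds).

    reset_failure_record=True models an attacker who can wipe the failure
    record whenever the trustlet throttles (the effect of a throttle bypass);
    False models a correctly working Gatekeeper, where the attacker must wait.
    """
    clock = LogicalClock()
    gk = Gatekeeper(pin, clock)
    attempts = 0
    for guess in (f"{i:04d}" for i in range(10_000)):
        attempts += 1
        while True:
            result = gk.verify(guess)
            if result == "ok":
                return guess, attempts, clock()
            if result == "wrong":
                break
            # throttled: either defeat the throttle or wait it out
            if reset_failure_record:
                gk.record = FailureRecord()
            else:
                clock.advance_to(gk.record.locked_until)
    return None, attempts, clock()


if __name__ == "__main__":
    for bypass in (False, True):
        found, n, secs = simulate("1337", reset_failure_record=bypass)
        print(f"throttle bypassed={bypass}: found {found} after {n} guesses, "
              f"{secs / 86400:.1f} simulated days")
```

With the assumed schedule, guessing the constructed PIN "1337" takes 1338 attempts either way, but about nine simulated days with the throttle intact versus no waiting at all once the failure record can be reset. The check itself is unchanged in both runs; only the state the trustlet relies on differs, which is why a flaw in how that state is stored or enforced is as damaging as a flaw in the PIN comparison.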


As the smartphone manufacturer with the highest market share, Samsung ships a set of protections for Android, the Knox Platform, to secure its devices. During boot, Samsung's S-Boot (Secure Boot) ensures that only a stock image can be booted. If the device attempts to boot a custom image, a one-time-programmable e-fuse bit (the Knox bit, which Samsung also calls the Knox Warranty Bit) is blown. Once a TrustZone application (trustlet) sees that the Knox bit has been tripped, it deletes the encryption key for sensitive data, so that the data on a locked phone cannot be read even if a modified image is loaded.

In this presentation we describe several vulnerabilities we found in S-Boot's USB request handling. Exploiting them lets us bypass S-Boot's mitigations over the USB connection and gain code execution in the early boot stage. In other words, given physical access to the phone (locked or not) and a USB-C cable, we can boot a custom image without tripping the Knox bit, and so retrieve sensitive data from a locked device.

We also explain in detail how we discovered and exploited the vulnerabilities, demonstrate the exploit on a Samsung Galaxy S10, and discuss the possible impact of these vulnerabilities.


