Samsung Rebuffs Criticism of Knox Crypto, Password Management

Samsung has answered a researcher’s critique of alleged encryption and password weaknesses in an early version of its Knox technology on Galaxy and Note devices.

Replies and rebuttals are flying about regarding a report critical of the encryption and password management functions deployed with Samsung’s Knox technology in its Android-based Galaxy and Note mobile devices.

Last week, a researcher published an advisory that said a PIN chosen during setup of the Knox App on consumer versions of Samsung devices is stored in clear text. The researcher was also critical of the libraries used to derive encryption keys by the version of Knox he tested, Knox Personal on the Galaxy S4. Samsung has since said Knox Personal has been replaced, and that the security issues—some of which Samsung confirmed—are not present on the enterprise version of Knox.

“It appears that the discrepancy is that these researchers seem to have tested an old, discontinued version of Knox that was never intended for enterprise use,” said Dan Rosenberg, senior security researcher with Azimuth Security. “These flaws may have been present on that platform, but at least according to Samsung, do not affect users of the latest version of Knox, and have never affected users of the enterprise solution (as opposed to the “Personal” containers).”

The report came less than a week after the National Security Agency endorsed Galaxy devices running Knox as part of its Commercial Solutions for Classified Program. By including Galaxy devices on this list, the agency cleared them for use in protecting classified data.

Knox is the code name for partitions, or containers, used on Samsung smartphones and tablets to keep personal and business data separate and encrypted. Samsung’s statement, issued late Friday, responded to three points made in the report.

The first was a claim that a Mealy machine library was used in the key generation process. Samsung said Knox 1.0 uses Password-Based Key Derivation Function 2, or PBKDF2, to generate an encryption key from a combination of the user’s password and a random number generator on the device. In Knox 2.0, Samsung said it has strengthened key derivation by following the Common Criteria recommendation MDFPP for key derivation and storage.
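As an added illustration (not Samsung’s or the researcher’s code), this is the shape of the PBKDF2-based scheme described above, using Python’s standard `hashlib`; the iteration count, salt length and PRF are assumptions, since the article gives none of them. It also shows the alternative to storing a reset PIN in clear text: keeping only a random salt and a derived verifier, so the PIN itself never lands on the file system.

```python
import hashlib
import hmac
import os

# Constructed parameters for illustration only; the article does not state
# the iteration count, salt size or PRF that Knox actually uses.
ITERATIONS = 100_000
SALT_LEN = 16


def derive_key(password: str, salt: bytes, hash_name: str = "sha1",
               iterations: int = ITERATIONS, length: int = 32) -> bytes:
    """PBKDF2 with HMAC-<hash_name> as the PRF.

    hash_name lets the same routine show PBKDF2-HMAC-SHA1 next to
    PBKDF2-HMAC-SHA512: same password and salt, entirely different key.
    """
    return hashlib.pbkdf2_hmac(hash_name, password.encode("utf-8"), salt,
                               iterations, dklen=length)


def enroll_pin(pin: str, hash_name: str = "sha512") -> dict:
    """Persist a verifier for a reset PIN without persisting the PIN.

    The salt comes from the OS random number generator; only the salt,
    the PRF name and the derived verifier are written to storage.
    """
    salt = os.urandom(SALT_LEN)
    return {"salt": salt, "hash": hash_name,
            "verifier": derive_key(pin, salt, hash_name)}


def check_pin(record: dict, candidate: str) -> bool:
    """Re-derive from the candidate and compare in constant time."""
    derived = derive_key(candidate, record["salt"], record["hash"])
    return hmac.compare_digest(derived, record["verifier"])


def stored_in_clear(record: dict, pin: str) -> bool:
    """True if the PIN appears verbatim anywhere in what is stored."""
    return any(pin.encode("utf-8") in v for v in record.values()
               if isinstance(v, bytes)) or pin in record.get("hash", "")


if __name__ == "__main__":
    rec = enroll_pin("1234")
    print("accepts correct PIN:", check_pin(rec, "1234"))
    print("rejects wrong PIN:  ", not check_pin(rec, "4321"))
    print("PIN stored in clear:", stored_in_clear(rec, "1234"))
```

The first two `derive_key` calls in the test use the RFC 6070 PBKDF2-HMAC-SHA1 vectors, which is how to confirm the routine is the standard function rather than a home-grown state machine.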

The researcher, meanwhile, was clear in his report that he did not analyze the enterprise version of Knox, and instead looked at the pre-installed Knox Container App, or Knox Personal, on the Samsung Galaxy S4. He is, however, reaffirming that version 2.0 of the Knox App Container and 3.0 of the Knox ContainerAgent were present on his device, rebutting some public criticism that he was looking at an early developer version.

“I don’t think that version 2.0_2 seems to be an early developer version?!?” he said. “I did the analysis about one month ago with a new Samsung S4 and all updates installed. That doesn’t seem to be an early developer version, right? Or did I [buy] a fake one ;)?”

Samsung confirmed another point raised by the report claiming that Knox saves the encryption key required to auto-mount the container’s file system in the TrustZone.

“However, unlike what is implied in the blog, the access to this key is strongly controlled. Only trusted system processes can retrieve it, and KNOX Trusted Boot will lock down the container key store in the event of a system compromise,” Samsung said.

The remaining sticking point is the contention that Knox stores an alternative PIN for password resets in clear text on the phone. Samsung denies this for Knox enterprise containers, but confirms that for Knox 1.0 Personal containers, the alternative PIN is stored on the device.

“This KNOX 1.0 Personal container is not a part of the KNOX enterprise solution and was discontinued early this year. KNOX Personal containers cannot be created on KNOX 2.0 devices,” Samsung said. “However, customers who created one on an older firmware revision can migrate to KNOX 2.0 as part of a system update, for enhanced security.”

Samsung said that Knox 1.0 Personal has been replaced in later versions by My Knox, which is based on the enterprise version. My Knox, the researcher said, is available only for Galaxy S5 and Note 4 devices.

Discussion

  • Anonymous on

    "Samsung said Knox 1.0 uses Password-Based Key Derivation Function 2, or PBKDF2, to generate an encryption key from a combination of the user’s password and a random number generator on the devices. In Knox 2.0, Samsung said it has strengthened key derivation by following the Common Criteria recommendation MDFPP for key derivation and storage." But it looks like the MDFPP recommends PBKDF2 so it is not clear what they really did here. Perhaps they moved from HMAC−SHA1 to HMAC-SHA-512? Does anyone know the details?
  • Hitoshi Anatomi on

    However well designed, ID federations (single-sign-on services and password managers) create a single point of failure, not unlike putting all the eggs in a basket. It remembers all my passwords when un-hacked and loses all my passwords to criminals when hacked. It should be operated in a decentralized formation or should be considered mainly for low-security accounts, not for high-security business which should desirably be protected by all different strong passwords unique to each account. Needless to say, the strength of the master-password is crucially important.
