Slashdot Mirror


Android KeyStore Encryption Scheme Broken (threatpost.com)

Reader msm1267 writes: The default implementation for KeyStore, the system in Android designed to store user credentials and cryptographic keys, is broken, researchers say. In an academic paper published this week, researchers argue that the particular encryption scheme that KeyStore uses fails to protect the integrity of keys and could be exploited to allow an attacker to modify stored keys through a forgery attack.
KeyStore, which performs key-specific actions through the OpenSSL library, allows Android apps to store and generate their own cryptographic keys. By storing keys in a container, KeyStore makes it more difficult to remove them from the device. Mohamed Sabt and Jacques Traore, two researchers with the French telecom Orange Labs, claim the scheme associated with the system is "non-provably secure," and could have "severe consequences." The two point out in their paper "Breaking Into the KeyStore: A Practical Forgery Attack Against Android KeyStore," that it's the hash-then-encrypt (HtE) authenticated encryption (AE) scheme in cipher block chaining mode (CBC) in KeyStore that fails to guarantee the integrity of keys.
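The summary above says the blob scheme is "hash-then-encrypt in CBC mode" and that this gives no integrity proof. The model below is an added illustration, not KeyStore's code and not the forgery from the Sabt and Traoré paper: it builds an HtE-CBC blob (digest prepended to the data, then CBC-encrypted; the choice of MD5 as the digest, the blob layout, and the Feistel toy cipher standing in for AES are all assumptions of this example) and shows the property the scheme's integrity rests on. The only check on decryption is an unkeyed hash over whatever CBC hands back, and CBC lets anyone without the key steer one plaintext block to a chosen value (while garbling its predecessor). In this toy the digest still catches the crude bit-flip; the point is that nothing but that unkeyed hash does, which is why an encrypt-then-MAC blob with a keyed tag is shown alongside for contrast.

```python
"""Toy hash-then-encrypt (HtE) CBC blob next to an encrypt-then-MAC blob.
Added example: the cipher, blob layout and bit-flip are assumptions for
illustration, not Android KeyStore's code and not the paper's attack."""
import hashlib
import hmac
import secrets

BLOCK = 16


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Toy 128-bit block cipher (8-round Feistel keyed via SHA-256).  Stands in for
# AES so only the standard library is needed; CBC malleability is a property
# of the mode, not of the block cipher beneath it.
def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for rnd in range(8):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r


def block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for rnd in reversed(range(8)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r


def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(pt), BLOCK):
        prev = block_encrypt(key, _xor(pt[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        c = ct[i:i + BLOCK]
        out.append(_xor(block_decrypt(key, c), prev))
        prev = c
    return b"".join(out)


def pkcs7_pad(b: bytes) -> bytes:
    n = BLOCK - len(b) % BLOCK
    return b + bytes([n]) * n


def pkcs7_unpad(b: bytes) -> bytes:
    n = b[-1] if b else 0
    if not 1 <= n <= BLOCK or b[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return b[:-n]


class IntegrityError(Exception):
    pass


# Scheme 1, hash-then-encrypt in CBC: blob = IV || CBC(key, pad(MD5(data) || data)).
# MD5 as the digest is an assumption of this model.
def hte_encrypt(key: bytes, data: bytes) -> bytes:
    iv = secrets.token_bytes(BLOCK)
    return iv + cbc_encrypt(key, iv, pkcs7_pad(hashlib.md5(data).digest() + data))


def hte_raw_decrypt(key: bytes, blob: bytes) -> bytes:
    """Decrypt without the check, to see exactly what the checker is given."""
    return cbc_decrypt(key, blob[:BLOCK], blob[BLOCK:])


def hte_decrypt(key: bytes, blob: bytes) -> bytes:
    pt = pkcs7_unpad(hte_raw_decrypt(key, blob))
    digest, data = pt[:16], pt[16:]
    # The sole integrity check is an unkeyed hash over whatever CBC produced;
    # the key plays no part in it.
    if not hmac.compare_digest(digest, hashlib.md5(data).digest()):
        raise IntegrityError("digest mismatch")
    return data


# Scheme 2, encrypt-then-MAC: a keyed tag over IV || ciphertext, checked first.
def etm_encrypt(enc_key: bytes, mac_key: bytes, data: bytes) -> bytes:
    iv = secrets.token_bytes(BLOCK)
    body = iv + cbc_encrypt(enc_key, iv, pkcs7_pad(data))
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def etm_decrypt(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise IntegrityError("bad tag")  # rejected before any decryption
    return pkcs7_unpad(cbc_decrypt(enc_key, body[:BLOCK], body[BLOCK:]))


def flip_plaintext_block(blob: bytes, j: int, delta: bytes) -> bytes:
    """CBC malleability, no key needed: XOR delta into the ciphertext block that
    precedes plaintext block j (the IV for j == 0).  Block j then decrypts to
    original XOR delta, and block j-1 becomes unpredictable garbage."""
    off = j * BLOCK  # IV at offset 0, so C_{j-1} sits at j*BLOCK
    return blob[:off] + _xor(blob[off:off + BLOCK], delta) + blob[off + BLOCK:]


def demo(data: bytes = b"\x11" * 32) -> dict:
    """data is a constructed 32-byte stand-in for a stored key."""
    key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    delta = b"\x00" * 15 + b"\x01"  # flip the low bit of the key's last byte
    blob = hte_encrypt(key, data)
    # Plaintext layout: block0 = MD5, block1 = data[:16], block2 = data[16:], block3 = pad.
    forged = flip_plaintext_block(blob, 2, delta)
    raw = hte_raw_decrypt(key, forged)
    result = {"roundtrip_ok": hte_decrypt(key, blob) == data,
              "steered_block": raw[32:48] == _xor(data[16:], delta),
              "garbled_block": raw[16:32] != data[:16],
              "hte_rejects": False, "etm_rejects": False}
    try:
        hte_decrypt(key, forged)
    except (IntegrityError, ValueError):
        result["hte_rejects"] = True
    try:
        etm_decrypt(key, mac_key, flip_plaintext_block(etm_encrypt(key, mac_key, data), 1, delta))
    except IntegrityError:
        result["etm_rejects"] = True
    return result


if __name__ == "__main__":
    print(demo())
```

`demo()` returns all-True: the blob round-trips, the attacker's flip lands exactly where predicted in the decrypted key bytes without any key material, the neighbouring block is garbage, and both schemes reject this particular blob. The difference is what the rejection relies on: the encrypt-then-MAC blob fails a keyed tag before decryption regardless of the plaintext structure, while the HtE blob is accepted whenever the decrypted bytes happen to satisfy an unkeyed digest relation, which is the kind of condition the paper's forgery against the real blob format arranges.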

1 of 58 comments

  1. Re:In simpler terms, please? by LichtSpektren · Score: 4, Interesting

    The keys to your cars are on a rack in your house. You have a security camera in your house that ensures against a malicious person who walks in your house, takes your keys, clones them, then puts the originals back on the rack. It turns out the security camera is susceptible to that trick from The A-Team where you take a photo of the room from the perspective of the security camera, then tape the photo onto the security camera's lens so it looks like there's no activity in the room. Because of that, there's no way of checking to make sure nobody sneaks in your house to clone your car keys.