Cryptology ePrint Archive: Report 2021/481

PrivateDrop: Practical Privacy-Preserving Authentication for Apple AirDrop

Alexander Heinrich and Matthias Hollick and Thomas Schneider and Milan Stute and Christian Weinert

Abstract: Apple's offline file-sharing service AirDrop is integrated into more than 1.5 billion end-user devices worldwide. We discovered two design flaws in the underlying protocol that allow attackers to learn the phone numbers and email addresses of both sender and receiver devices. As a remediation, we study the applicability of private set intersection (PSI) to mutual authentication, which is similar to contact discovery in mobile messengers. We propose a novel optimized PSI-based protocol called PrivateDrop that addresses the specific challenges of offline resource-constrained operation and integrates seamlessly into the current AirDrop protocol stack. Using our native PrivateDrop implementation for iOS and macOS, we experimentally demonstrate that PrivateDrop preserves AirDrop's exemplary user experience with an authentication delay well below one second. We responsibly disclosed our findings to Apple and open-sourced our PrivateDrop implementation.

Category / Keywords: cryptographic protocols / Mobile Contact Discovery, Private Set Intersection, Hash Reversal, Implementation, Apple, AirDrop, iOS, macOS

Original Publication (with minor differences): USENIX Security 2021

Date: received 15 Apr 2021

Contact author: aheinrich at seemoo tu-darmstadt de,mhollick@seemoo tu-darmstadt de,schneider@encrypto cs tu-darmstadt de,mstute@seemoo tu-darmstadt de,weinert@encrypto cs tu-darmstadt de

Available format(s): PDF | BibTeX Citation

Version: 20210415:201220 (All versions of this report)

Short URL: ia.cr/2021/481


[ Cryptology ePrint archive ]