Chinese Authorities Say They're Exploiting an Apple AirDrop Vulnerability
upstart writes:
Chinese authorities are exploiting a weakness Apple has allowed to go unfixed for 5 years:
Chinese authorities recently said they're using an advanced encryption attack to de-anonymize users of AirDrop in an effort to crack down on citizens who use the Apple file-sharing feature to mass-distribute content that's illegal in that country.
[...] The scant details and the quality of Internet-based translations don't explicitly describe the technique. All the translations, however, have said it involves the use of what are known as rainbow tables to defeat the technical measures AirDrop uses to obfuscate users' phone numbers and email addresses.
[...] In 2021, researchers at Germany's Technical University of Darmstadt reported that they had devised practical ways to crack what Apple calls the identity hashes used to conceal identities while AirDrop determines if a nearby person is in the contacts of another. One of the researchers' attack methods relies on rainbow tables.
[...] Christian Weinert, one of the TU Darmstadt researchers who's now at Royal Holloway University in London, said in an email that Green is almost certainly correct.
"The attack clearly exploits the underlying issue that we pointed out in our paper and that we reported to Apple, namely the insecure use of hash functions for 'obfuscating' contact identifiers in the AirDrop protocol," he wrote. "Furthermore, the described use of rainbow tables for 'cracking' the hash values seems identical to what we described in a paper published at WiSec '21 (https://eprint.iacr.org/2021/893) where we demonstrate our attacks. Note that the screenshots in the Chinese blog post indicate that the forensic lab implemented their own tooling for this and also considers email addresses in addition to phone numbers."