Chinese authorities recently said they are using an advanced encryption attack to de-anonymize AirDrop users in an effort to crack down on citizens who use the Apple file-sharing feature to mass distribute illegal content in that country.
According to a 2022 report, activists have used AirDrop to distribute scathing criticisms of China’s Communist Party to nearby iPhone users on subway trains and in stations and other public spaces. A document sent by a protester in October that year called General Secretary Xi Jinping an “autocratic traitor.” A few months later, with the release of iOS 16.1.1, AirDrop users in China discovered that the “Everyone” configuration, the setting that makes files available to all other users nearby, automatically reset to the contacts-only setting. Apple has not yet acknowledged the move. Critics viewed this as a concession made by Apple CEO Tim Cook to Chinese authorities.
On Monday, eight months after half-measures were imposed, local government officials in Beijing said some people continued to send illegal content on a large scale. As a result, officials said, they were now using an advanced technology publicly disclosed in 2021 to fight back.
“Some people reported that their iPhones found a video containing inappropriate comments in the Beijing subway,” officials wrote, according to the translation. “After preliminary investigation, police found that the suspect had used the AirDrop function of the iPhone to anonymously spread inappropriate information in public places. Due to the anonymity and difficulty in tracking airdrops, some netizens have begun to mimic this behavior.”
In response, authorities said they had implemented technical measures to identify people distributing the content on a large scale.
The scant details and the quality of Internet-based translations don't explain the technique clearly. However, all translations state that it involves the use of what are known as rainbow tables to circumvent the technical measures used by AirDrop to obfuscate users’ phone numbers and email addresses.
Rainbow tables were first proposed in the 1980s as a means of reducing the enormous amount of computing resources required to crack hashes at scale. Hashes are the one-way cryptographic representations used to conceal passwords and other types of sensitive data. Additional refinements made in 2003 made rainbow tables even more useful.
When AirDrop is configured to deliver files only between people who know each other, Apple says, it relies heavily on hashes to hide each party’s real-world identity until the service determines there is a match. Specifically, AirDrop transmits Bluetooth advertisements that contain a partial cryptographic hash of the sender’s phone number and/or email address.
If a short hash matches a phone number or email address in the other device’s address book, or if the devices are set to send to or receive from everyone, the two devices will engage in a mutual authentication handshake. When the hashes match, the devices exchange the full SHA-256 hash of the owners’ phone numbers and email addresses. This technique falls under a broader term called private set intersection, often abbreviated as PSI.
In 2021, researchers at the Technical University of Darmstadt, Germany, reported that they had devised practical ways to crack the identity hashes Apple uses to hide identities while AirDrop determines whether someone nearby is in another device’s contacts. One of the researchers’ attack methods relies on rainbow tables.
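Why an unsalted hash of a phone number offers little concealment, as an added example (not code from the article, Apple, or the researchers). It uses a plain precomputed lookup table rather than a true rainbow table with chain reduction. The fictional number block, the digit-string encoding, the 2-byte short-hash length, and the keyed-hash contrast are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample space: 100,000 fictional numbers in one block.
# Assumption: identifiers are hashed as plain digit strings.
PREFIX = "1555010"
BLOCK = [f"{PREFIX}{n:05d}" for n in range(100_000)]


def full_hash(identifier: str) -> bytes:
    """Unsalted SHA-256 of a contact identifier, as the article describes."""
    return hashlib.sha256(identifier.encode()).digest()


def short_hash(identifier: str, nbytes: int = 2) -> bytes:
    """Truncated hash; the 2-byte length is an assumption, not from the article."""
    return full_hash(identifier)[:nbytes]


def build_table(candidates):
    """Precompute hash -> identifier once; each later lookup is a dict access."""
    return {full_hash(c): c for c in candidates}


def short_hash_candidates(candidates, target: bytes):
    """All identifiers sharing a short hash: a pre-filter, not an identity."""
    return [c for c in candidates if short_hash(c, len(target)) == target]


def keyed_hash(identifier: str, key: bytes) -> bytes:
    """Per-session keyed hash: a table built without the key does not apply."""
    return hmac.new(key, identifier.encode(), hashlib.sha256).digest()


TABLE = build_table(BLOCK)
SECRET_NUMBER = "155501042424"  # constructed "sender" inside the block

if __name__ == "__main__":
    observed = full_hash(SECRET_NUMBER)
    print("recovered from full hash:", TABLE.get(observed))
    ambiguous = short_hash_candidates(BLOCK, short_hash(SECRET_NUMBER))
    print("numbers sharing the short hash:", len(ambiguous))
    key = os.urandom(32)
    print("keyed hash found in table:", keyed_hash(SECRET_NUMBER, key) in TABLE)
```

The small input space is what makes precomputation feasible: the strength of SHA-256 is irrelevant when every possible input can be enumerated ahead of time.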