TU Darmstadt / ULB / TUbiblio

AirCollect: Efficiently Recovering Hashed Phone Numbers Leaked via Apple AirDrop

Heinrich, Alexander ; Hollick, Matthias ; Schneider, Thomas ; Stute, Milan ; Weinert, Christian (2021):
AirCollect: Efficiently Recovering Hashed Phone Numbers Leaked via Apple AirDrop.
In: WiSec '21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 371-373,
ACM, 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Abu Dhabi, United Arab Emirates, 28.06.–01.07.2021, ISBN 978-1-4503-8349-3,
DOI: 10.1145/3448300.3468252,
[Conference or Workshop Item]

Abstract

Apple’s file-sharing service AirDrop leaks phone numbers and email addresses by exchanging vulnerable hash values of the user’s own contact identifiers during the authentication handshake with nearby devices. In a paper presented at USENIX Security’21, we theoretically describe two attacks to exploit these vulnerabilities and propose “PrivateDrop” as a privacy-preserving drop-in replacement for Apple’s AirDrop protocol based on private set intersection. In this demo, we show how these vulnerabilities are efficiently exploitable via Wi-Fi and physical proximity to a target. Privacy and security implications include the possibility of conducting advanced spear phishing attacks or deploying multiple “collector” devices in order to build databases that map contact identifiers to specific locations. For our proof-of-concept, we leverage a custom rainbow table construction to reverse SHA-256 hashes of phone numbers in a matter of milliseconds. We discuss the trade-off between success rate and storage requirements of the rainbow table and, after following responsible disclosure with Apple, we publish our proof-of-concept implementation as “AirCollect” on GitHub.

Item Type: Conference or Workshop Item
Erschienen: 2021
Creators: Heinrich, Alexander ; Hollick, Matthias ; Schneider, Thomas ; Stute, Milan ; Weinert, Christian
Title: AirCollect: Efficiently Recovering Hashed Phone Numbers Leaked via Apple AirDrop
Language: English
Abstract:

Apple’s file-sharing service AirDrop leaks phone numbers and email addresses by exchanging vulnerable hash values of the user’s own contact identifiers during the authentication handshake with nearby devices. In a paper presented at USENIX Security’21, we theoretically describe two attacks to exploit these vulnerabilities and propose “PrivateDrop” as a privacy-preserving drop-in replacement for Apple’s AirDrop protocol based on private set intersection. In this demo, we show how these vulnerabilities are efficiently exploitable via Wi-Fi and physical proximity to a target. Privacy and security implications include the possibility of conducting advanced spear phishing attacks or deploying multiple “collector” devices in order to build databases that map contact identifiers to specific locations. For our proof-of-concept, we leverage a custom rainbow table construction to reverse SHA-256 hashes of phone numbers in a matter of milliseconds. We discuss the trade-off between success rate and storage requirements of the rainbow table and, after following responsible disclosure with Apple, we publish our proof-of-concept implementation as “AirCollect” on GitHub.

Title of Book: WiSec '21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Publisher: ACM
ISBN: 978-1-4503-8349-3
Uncontrolled Keywords: ATHENE, emergenCITY_KOM, Engineering, E4, Privacy and Trust for Mobile Users, A.1, B.3, C.1, emergenCITY
Divisions: 20 Department of Computer Science
20 Department of Computer Science > Cryptography and Privacy Engineering (ENCRYPTO)
20 Department of Computer Science > Sichere Mobile Netze
DFG-Collaborative Research Centres (incl. Transregio)
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres
DFG-Graduiertenkollegs
DFG-Graduiertenkollegs > Research Training Group 2050 Privacy and Trust for Mobile Users
Profile Areas
Profile Areas > Cybersecurity (CYSEC)
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > emergenCITY
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > CRC 1119: CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments
TU-Projects: HMWK|LOEWE|emergenC TP Gurevych
Event Title: 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Event Location: Abu Dhabi, United Arab Emirates
Event Dates: 28.06.–01.07.2021
Date Deposited: 02 Jul 2021 10:12
DOI: 10.1145/3448300.3468252
Official URL: https://sites.nyuad.nyu.edu/wisec21/
Corresponding Links:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details