V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
wyfyw
V2EX  ›  iPhone

AirDrop 很容易泄露电话号码的 SHA-256 hash?从而很容易泄露电话号码

  •  
  •   wyfyw · 2021-04-25 21:51:23 +08:00 · 8764 次点击
    这是一个创建于 1311 天前的主题,其中的信息可能已经有所发展或是发生改变。
    苹果 2019 年就从研究者那里知道了此事,至今没有改变。

    https://www.ithome.com/0/548/301.htm
    当用户启动 AirDrop 功能时,苹果会将用户电话号码、电子邮箱以加密形式传播到其 Wi-Fi 和蓝牙范围内,以检测附近可连接设备。如果用户与另一设备通过 AirDrop 匹配成功,双方将会交换电话和电子邮件信息的完整的加密散列( SHA-256 散列)。

    https://arstechnica.com/gadgets/2021/04/apples-airdrop-leaks-users-pii-and-theres-not-much-they-can-do-about-it/
    To determine if the device of a would-be sender should connect with other nearby devices, AirDrop broadcasts Bluetooth advertisements that contain a partial cryptographic hash of the sender's phone number and email address. If any of the truncated hashes matches any phone number or email address in the address book of the receiving device or the device is set to receive from everyone, the two devices will engage in a mutual authentication handshake over Wi-Fi. During the handshake, the devices exchange the full SHA-256 hashes of the owners' phone numbers and email addresses.

    向 Wi-Fi 广播电话号码的 SHA-256 ?想出来这个办法的人真是天才(天杀的蠢材)。
    第 1 条附言  ·  2021-04-26 23:16:27 +08:00
    仔细看了论文,主要篇幅在于如何提高 AirDrop 所需要的 offline verification 的隐私程度。AirDrop 泄露 sender 的电话号码的 SHA-256 的原因真的很简单,也很容易复现。

    2021 年才发现是因为这个协议是私有协议,开源 community 不太关心吧。想必各路情报部门早就知晓并持续利用过这些问题了。

    在这个苹果爱好者论坛,居然一个回贴都没有。感觉诸位也就是叶公好龙而已。哈哈

    贴一下链接和内文
    https://www.usenix.org/system/files/sec21fall-heinrich.pdf

    3.3 Contact Identifier Leakage of Sender

    During the AirDrop authentication handshake, the sender always
    discloses their own contact identifiers as part of the initial
    HTTPS POST /Discover message (cf. Fig. 1). A malicious
    receiver can therefore learn all (hashed) contact identifiers
    of the sender without requiring any prior knowledge of their
    target. To obtain these identifiers, an attacker simply needs
    to wait (e.g., at a public hot spot) until a target device scans
    for AirDrop receivers, i.e., the user opens the AirDrop sharing
    pane. The target device will freely send a discover message
    to any AirDrop receiver found during the previous DNS-SD
    service lookup. Therefore, an attacker can learn the target’s
    validation record without any authentication by simply announcing
    an AirDrop service via multicast DNS (mDNS).
    After collecting the validation record, the attacker can recover
    the hashed contact identifiers offline.
    目前尚无回复
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   5600 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 41ms · UTC 03:41 · PVG 11:41 · LAX 19:41 · JFK 22:41
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.