Apple's offline file-sharing service AirDrop is integrated into more than 1.5 billion end-user devices worldwide. We discovered two design flaws in the underlying protocol that allow attackers to learn the phone numbers and email addresses of both sender and receiver devices. As a remediation, we study the applicability of private set intersection (PSI) to mutual authentication, which is similar to contact discovery in mobile messengers. We propose a novel optimized PSI-based protocol called PrivateDrop that addresses the specific challenges of offline resource-constrained operation and integrates seamlessly into the current AirDrop protocol stack. Using our native PrivateDrop implementation for iOS and macOS, we experimentally demonstrate ...
With the popularity of today's usability-oriented designs, dubbed Zero Configuration or ZeroCon...
Apple iOS is one of the most popular mobile operating systems. As its core security technology, iOS ...
Instant messaging services are quickly becoming the most dominant form of communication among consum...
Apple's offline file-sharing service AirDrop is integrated into more than 1.5 billion end-user devic...
Private set intersection (PSI) protocols are cryptographic protocols that allow two parties to secur...
Apple’s file-sharing service AirDrop leaks phone numbers and email addresses by exchanging vulnerabl...
A common approach to bootstrapping a new cryptocurrency is an airdrop, an arrangement in which exist...
Apple Wireless Direct Link (AWDL) is a key protocol in Apple's ecosystem used by over one billion iO...
Apple controls one of the largest mobile ecosystems, with 1.5 billion active devices worldwide, and ...
Apple Wireless Direct Link (AWDL) is a key protocol in Apple's ecosystem used by over one billion iO...
Private set intersection (PSI) is a cryptographic technique that is applicable to many privacy-sensi...
Private Set Intersection Cardinality (PSI-CA) allows two parties, each holding a set of items, to le...
With the popularity of today's usability-oriented designs, dubbed Zero Configuration or ZeroCon...
Apple iOS is one of the most popular mobile operating systems. As its core security technology, iOS ...
Instant messaging services are quickly becoming the most dominant form of communication among consum...
Apple's offline file-sharing service AirDrop is integrated into more than 1.5 billion end-user devic...
Private set intersection (PSI) protocols are cryptographic protocols that allow two parties to secur...
Apple’s file-sharing service AirDrop leaks phone numbers and email addresses by exchanging vulnerabl...
A common approach to bootstrapping a new cryptocurrency is an airdrop, an arrangement in which exist...
Apple Wireless Direct Link (AWDL) is a key protocol in Apple's ecosystem used by over one billion iO...
Apple controls one of the largest mobile ecosystems, with 1.5 billion active devices worldwide, and ...
Apple Wireless Direct Link (AWDL) is a key protocol in Apple's ecosystem used by over one billion iO...
Private set intersection (PSI) is a cryptographic technique that is applicable to many privacy-sensi...
Private Set Intersection Cardinality (PSI-CA) allows two parties, each holding a set of items, to le...
With the popularity of today's usability-oriented designs, dubbed Zero Configuration or ZeroCon...
Apple iOS is one of the most popular mobile operating systems. As its core security technology, iOS ...
Instant messaging services are quickly becoming the most dominant form of communication among consum...