Thursday, November 27, 2014

How Apple keeps AirDrop files private and secure

AirDrop, part of Apple's Continuity features, makes it easy to share files between your iPhone, iPad, and/or Mac. It's especially useful for files that are larger than Messages or Mail can comfortably handle, and for situations where you want to transfer directly, without any information going over the internet. You have to be within range of Bluetooth Low Energy (BT LE), and have Wi-Fi enabled to handle the actual data, but when you do, AirDrop makes it simple and easy to share any file from OS X, and almost anything that can call up a Share Sheet on iOS. Best of all, AirDrop keeps your files private and secure.

Encrypted identities

When AirDrop is turned on, a 2048-bit RSA Identity is created and stored on your iPhone, iPad, or Mac. A hash, based on the phone numbers and/or email addresses associated with your Apple ID, is also created. That'll be used later to identify you in a way that maintains your privacy and security.

Proximity and performance

When you choose to share something via AirDrop, your device begins broadcasting over BT LE. Other devices within range detect the broadcast and, if they're also enabled for AirDrop, respond back with a truncated version of the identity hash.

Because it's BT LE, it doesn't consume a lot of power, and because it has to be in range, you never risk a random device in a random location picking up or intercepting the share request.

The match game

If the device or person you want to share to has AirDrop set to "Contacts Only", the identity hash is compared with your iCloud contacts to see if there's a match. If a match is found, AirDrop creates a peer-to-peer Wi-Fi connection and advertises the connection over Bonjour (Apple's name for zero-configuration networking). At this point, the full identity hash is sent over.

This process just helps ensure privacy, since no full identity is shared unless and until its established that contacts match (i.e. you know the device or person you're sharing with.)

If the full contact hash matches, iOS will show you your version of the contact sheet picture and name. That makes it both more familiar to you, and protects the privacy of the other person. (Hey, who knows what picture or name they're using for themselves!)

Once you select who you want to share with, transport layer security (TLS) is used to exchange iCloud identity certificates. iOS then verifies both identities against their own, local contacts.

At that point, the receiver is asked to accept the transfer. (If there are multiple receivers, each one is asked to accept the transfer individually.)

Then, and only then, is the data transferred over the TLS-secured peer-to-peer Wi-Fi connection.

Everyone action

When you use AirDrop with someone outside your contacts the process is necessarily different.

First, the recipient has to have AirDrop set to "Everyone".

Second, since AirDrop can't match or present local contacts, it shows only the default silhouette avatar, along with the name of the person as they've set it for their device. For example, Bob's iPhone or Kim's MacBook Pro.

That maintains privacy but enables functionality. You can send or receive without worrying about even your contact picture "leaking" to people you don't know.

The bottom line

AirDrop isn't email or messages, MailDrop or sharing Dropbox links. It's not a way to attach files to remote communications. It's a way to transfer data between people in the same location — in the same room at home or at work, in the same restaurant or park or club. It's social, but at very small scale.

If that's what you want to do, and you're within range of Bluetooth Low Energy, AirDrop has you covered. And it has you covered privately and securely.








No comments:

Post a Comment