Hello everyone,
I’ve read a lot about the AirDrop handshake or communication protocol, but I have a question that I still can’t answer.
How is AirDrop able to identify someone else’s device that is registered in my contacts?
By following privacy policy, I assume that names or e-mails are not exchanged. So, how my iPhone is capable of telling that the iPad next to me belongs to Bob, who's registered on my phonebook with a phone number?
I saw about using a unique alphanumeric identifier with 12 characters, but what does it mean? Is it an id that’s relate on the Apple ID, or the phone number, or the device itself?
I hope you can help me, and if you want additional information, don’t hesitate to ask!
nb: sorry if I missed a post that already talks about this...
There is a detailed description here: https://support.apple.com/fr-fr/guide/security/sec2261183f4/web
In a word, the ID is a hash generated when creating iCloud connection:
AirDrop uses iCloud services to help users authenticate. When a user signs in to iCloud, a 2048-bit RSA identity is stored on the device, and when the user turns on AirDrop, an AirDrop short identity hash is created based on the email addresses and phone numbers associated with the user’s Apple ID.
Then, the receiver checks for a hash match in its contact base, wiyhout ever seeing the real identity at that time:
In Contacts Only mode, the received AirDrop short identity hash is compared with hashes of people in the receiving device’s Contacts app. If a match is found, the receiving device responds over peer-to-peer Wi-Fi with its identity information. If there is no match, the device doesn’t respond.
