AirDrop security
Apple devices that support AirDrop use Bluetooth Low Energy (BLE) and Apple-created peer-to-peer Wi-Fi technology to send files and information to nearby devices, including AirDrop-capable iOS devices and iPad devices running iOS 7 or later and Mac computers running OS X 10.11 or later. The Wi-Fi radio is used to communicate directly between devices without using any internet connection or wireless access point (AP). This connection is encrypted with TLS.
AirDrop is set to share with Contacts Only by default. Users can also choose to use AirDrop to share with everyone, or turn off the feature entirely. Organizations can restrict the use of AirDrop for devices or apps being managed by using a mobile device management (MDM) solution.
AirDrop operation
AirDrop uses iCloud services to help users authenticate. When a user signs in to iCloud, a 2048-bit RSA identity is stored on the device, and when the user turns on AirDrop, an AirDrop short identity hash is created based on the email addresses and phone numbers associated with the user’s Apple ID.
When a user chooses AirDrop as the method for sharing an item, the sending device emits an AirDrop signal over BLE that includes the user’s AirDrop short identity hash. Other Apple devices that are awake, in close proximity, and have AirDrop turned on, detect the signal and respond using peer-to-peer Wi-Fi, so that the sending device can discover the identity of any responding devices.
In Contacts Only mode, the received AirDrop short identity hash is compared with hashes of people in the receiving device’s Contacts app. If a match is found, the receiving device responds over peer-to-peer Wi-Fi with its identity information. If there is no match, the device doesn’t respond.
In Everyone mode, the same overall process is used. However, the receiving device responds even if there is no match in the device’s Contacts app.
The sending device then initiates an AirDrop connection using peer-to-peer Wi-Fi, using this connection to send a long identity hash to the receiving device. If the long identity hash matches the hash of a known person in the receiver’s Contacts, then the receiver responds with its long identity hashes.
If the hashes are verified, the recipient’s first name and photo (if present in Contacts) are displayed in the sender’s AirDrop share sheet. In iOS and iPadOS, they are shown in the “People” or “Devices” section. Devices that aren’t verified or authenticated are displayed in the sender’s AirDrop share sheet with a silhouette icon and the device’s name, as defined in Settings > General > About > Name. In iOS and iPadOS, they are placed in the “Other People” section of the AirDrop share sheet.
The sending user may then select whom they want to share with. Upon user selection, the sending device initiates an encrypted (TLS) connection with the receiving device, which exchanges their iCloud identity certificates. The identity in the certificates is verified against each user’s Contacts app.
If the certificates are verified, the receiving user is asked to accept the incoming transfer from the identified user or device. If multiple recipients have been selected, this process is repeated for each destination.