The master private key used by the system is generated locally and never leaves your Apple devices in a state that anyone except your devices can read it.
The master key is used to derive an AirTag specific private key which is provisioned to the AirTag and is in turn combined with an increasing counter which generates a third private key that's never stored anywhere. The ID broadcast is the public key of this third key. It changes every 30 minutes or 1 hour, I forget which.
Other devices see this key, use it to encrypt their own location, and upload that encrypted blob along with the public key to Find My, and in order for Apple to even know which account the encrypted blob they can't decrypt belongs to I have to actually request the location of my AirTag by locally deriving the keypair it used for a certain point in time.
rekoil|2 years ago
The master private key used by the system is generated locally and never leaves your Apple devices in a state that anyone except your devices can read it.
The master key is used to derive an AirTag specific private key which is provisioned to the AirTag and is in turn combined with an increasing counter which generates a third private key that's never stored anywhere. The ID broadcast is the public key of this third key. It changes every 30 minutes or 1 hour, I forget which.
Other devices see this key, use it to encrypt their own location, and upload that encrypted blob along with the public key to Find My, and in order for Apple to even know which account the encrypted blob they can't decrypt belongs to I have to actually request the location of my AirTag by locally deriving the keypair it used for a certain point in time.
Cu3PO42|2 years ago