The "Find My" feature of Apple uses smart cryptography

[ad_1]

When Apple Executive Craig Federighi described a new location feature for Apple devices at the company's Global Developer Conference Monday, which seemed – at least paranoid enough – to be both an innovation in physical security and a risk potential for privacy. But while security experts immediately asked If Find My would also provide a new opportunity to track unwanted users, Apple claims to have developed this feature on a unique encryption system carefully designed to prevent this type of tracking, even by Apple.

In future versions of iOS and macOS, the new Find My feature will broadcast Bluetooth signals from Apple devices even when they are offline, which will allow nearby Apple devices to relay their location in the cloud. This should help you locate your stolen laptop even when sleeping in a thief's bag. And it turns out that Apple's elaborate encryption scheme is also designed not only to prevent intruders from identifying or tracking an iDevice from its Bluetooth signal, but also to prevent Apple from learning itself. device location, even if it allows you to locate yours.

"What's amazing is that all this interaction is encrypted and anonymous from start to finish," Federighi said in the keynote address of WWDC. "It only uses tiny bits of data on existing network traffic, so you do not have to worry about your battery life, data usage, or privacy."

"I have not seen anyone deploying anything like this for a billion people."

Matthew Green, Johns Hopkins University

During a phone conversation in the background with WIRED, Apple described this element of privacy by explaining how its "encrypted and anonymous" system avoids letting away your location data even when your devices are broadcasting a Bluetooth signal explicitly designed to help you track your data. device. It turns out that the solution to this paradox is a trick that requires to own at least two Apple devices. Each of them emits an ever-changing key used by nearby Apple devices to encrypt and upload your location-based data, so that only the other Apple device you own has the key to decrypt those locations.

This system would avoid the threat of marketers or other snoops tracking Bluetooth signals from Apple devices, allowing them to create their own history of each user's location. "If Apple did it right and there are a lot of yew here, it seems like it could be done privately," said Matthew Green, a Johns Hopkins University cryptographer. "Even if I followed you while walking, I would not know that you are the same person from one hour to the next."

In fact, Find My's cryptography goes even further, preventing even Apple from learning the location of users based on their Bluetooth tags. This would represent an improvement in privacy compared to older Apple tools, such as Find My iPhone and Find Friends, which do not offer such guarantees against Apple learning your position.

Here's how the new system, described by Apple, works step by step:

When you set up Find My on your Apple devices for the first time (and Apple has confirmed that you need at least two devices for this feature to work), this key generates an indescribable private key shared on all these devices. devices via end-to-end encrypted communication. only these machines have the key.
Each device also generates a public key. As in other public key encryption configurations, this public key can be used to encrypt data so that no one can decrypt them without the corresponding private key, in this case the one stored on all your Apple devices. This is the "beacon" that your devices will broadcast via Bluetooth to nearby devices.
This public key changes frequently, "turning" periodically to a new number. Thanks to some mathematical magic, this new number does not correspond to previous versions of the public key, but retains its ability to encrypt the data so that only your devices can decrypt them. Apple declined to indicate how often the key was spinning. But whenever this happens, the change makes it even harder to use your Bluetooth tags to track your movements.
Say that someone steals your MacBook. Even if the thief transports it closed and disconnected from the Internet, your laptop will emit its rotating public key via Bluetooth. The iPhone of a nearby unknown, without owner interaction, will pick up the signal, check its own location and encrypt this location data with the help of the public key extracted from the laptop. The public key does not contain any identifying information and, as it runs frequently, the iPhone from abroad also can not connect the laptop to its previous locations.
The iPhone from abroad then uploads two items on the Apple server: the encrypted location and a hash of the public key of the laptop, which will serve as the ; identifier. As Apple does not have the private key, it can not decipher the location.
When you want to recover your stolen laptop, you switch to your second Apple device, for example an iPad, which contains the same private key as the laptop and has generated the same set of public keys in rotation. When you press a button to find your laptop, the iPad sends the same hash of the public key to Apple as the identifier, so that Apple can browse its millions and millions of encrypted locations stored and find the corresponding hash. A complicating factor is that the hash of the iPad's public key will not be the same as that of your stolen laptop because the public key has probably turned several times since the iPhone's backend. ;unknown. Apple has not quite explained how it works. Green from Johns Hopkins however points out that the iPad could download a series of hashes of all its previous public keys, so that Apple could sort them and extract the previous location where the laptop had been spotted .
Apple returns the encrypted location of the laptop on your iPad, which can use its private key to decrypt it and tell you the last known location of the laptop. Meanwhile, Apple has never seen the location decrypted and, since the hash functions are designed to be irreversible, it can not even use the hashed public keys to collect information about the location of the device.¹

As complex as it may seem, Apple warns that it's still a somewhat simplified version of the Find My protocol, and that the system is still likely to change before it goes on the market. under MacOS Catalina and iOS 13 later this year. The true security of the system will depend on the details of its implementation, warns Johns Hopkins' Green. But he also says that if it works like Apple described it to WIRED, he could actually offer all the privacy guarantees promised by Apple.

"I give them nine chances out of 10 to succeed," Green said. "I have never seen anyone deploying anything like this in front of a billion people, the current techniques are quite well known from the scientific point of view, but the implementation of this technique will be really impressive."

More great cable stories