The article misses one of the design goals that's pretty obvious if you look at the reverse-engineered Airtag protocol: they don't do any public key cryptography at all on the tag itself. And the reason for that is that it would wreck their battery life.
Anything that relies on "attestation" violates that constraint.
Of course, another possible approach would be to JUST NOT HAVE THE NETWORK...
> The article misses one of the design goals that's pretty obvious if you look at the reverse-engineered Airtag protocol: they don't do any public key cryptography at all on the tag itself. And the reason for that is that it would wreck their battery life.
>
> Anything that relies on "attestation" violates that constraint.
Article author here. Thanks for making this point.
I agree that you want to minimize the amount of ECC on the tag and certainly you don't want each advertisement to require a separate EC op. However, I don't think the requirement is no crypto on the tag.
1. Each time you change keys (every 15 minutes in detached mode) you have to do some EC crypto ops.
2. You could require attestation only prior to reporting, thus keeping the cost fairly low. Note that this does allow a nearby attacker to force you to do crypto but they can also cause you to run the speaker, which consumes power.
There is a paper called BlindMy that points out you can have Apple do the attestation using blind signatures over the tag broadcasts, then store the signed messages on the tag. Requires more RAM but the blind signing protocol actually can be run by a phone, so doesn’t really stress the system. Particularly when the identifier only changes once per day, so only 365 signatures per year. https://petsymposium.org/popets/2023/popets-2023-0006.php
PS Changing the identifier once per day is very bad for privacy.
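An added, illustrative implementation of the attestation pattern the reply above describes (the phone obtains a signature on each broadcast identifier without the operator learning it, the tag only stores and broadcasts, and a finder verifies before reporting). This is my example code, not code from the thread and not the BlindMy paper's own construction; it uses textbook Chaum RSA blind signatures with a 1024-bit toy key, SHA-256 as a hash stand-in and no padding, so it demonstrates the flow, not a production scheme. The role names, the 16-byte per-day identifiers and the function names are all assumptions made here.

```python
"""
Blind-signature attestation for tracker broadcasts (illustrative, not BlindMy's
actual construction). Roles:
  - signer: the network operator, holds the RSA private key
  - phone:  the owner's phone; blinds each day's identifier, gets it signed,
            unblinds the result and loads (identifier, signature) onto the tag
  - tag:    stores and broadcasts the table; performs no public-key crypto
  - finder: a bystander's device; verifies a broadcast before relaying it
Toy parameters: 512-bit primes, SHA-256 reduced mod n, no padding. Not for production.
"""
from __future__ import annotations
import hashlib
import math
import secrets
from dataclasses import dataclass


def _is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probable-prime test with random bases."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # top bit set, odd
        if _is_probable_prime(cand):
            return cand


@dataclass
class SignerKey:
    n: int
    e: int
    d: int


def generate_signer_key(bits: int = 1024) -> SignerKey:
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return SignerKey(p * q, e, pow(e, -1, phi))


def _hash_to_int(identifier: bytes, n: int) -> int:
    # Stand-in for a full-domain hash: SHA-256 of the broadcast identifier, mod n.
    return int.from_bytes(hashlib.sha256(identifier).digest(), "big") % n


# --- phone side ---------------------------------------------------------------
def blind(identifier: bytes, n: int, e: int) -> tuple[int, int]:
    """Return (blinded message, blinding factor r). The signer only ever sees the first."""
    m = _hash_to_int(identifier, n)
    while True:
        r = secrets.randbelow(n - 2) + 2
        if math.gcd(r, n) == 1:
            return (m * pow(r, e, n)) % n, r


def unblind(blinded_sig: int, r: int, n: int) -> int:
    """Strip the blinding factor: (m^d * r) * r^-1 = m^d mod n."""
    return (blinded_sig * pow(r, -1, n)) % n


# --- signer side --------------------------------------------------------------
def sign_blinded(blinded: int, key: SignerKey) -> int:
    """The operator signs without learning which identifier it is attesting."""
    return pow(blinded, key.d, key.n)


# --- finder side --------------------------------------------------------------
def verify(identifier: bytes, sig: int, n: int, e: int) -> bool:
    """Check a received broadcast's attestation before relaying it to the network."""
    return pow(sig, e, n) == _hash_to_int(identifier, n)


def provision_tag(days: int, key: SignerKey) -> list[tuple[bytes, int]]:
    """Phone obtains one attestation per daily identifier and loads the table onto the tag."""
    table = []
    for _ in range(days):
        ident = secrets.token_bytes(16)  # constructed: a rotating 16-byte tag identifier
        blinded, r = blind(ident, key.n, key.e)
        sig = unblind(sign_blinded(blinded, key), r, key.n)
        table.append((ident, sig))
    return table


if __name__ == "__main__":
    key = generate_signer_key()
    tag_table = provision_tag(365, key)  # one attestation per day for a year
    ident, sig = tag_table[0]
    print("finder accepts genuine broadcast:", verify(ident, sig, key.n, key.e))
    print("finder rejects forged broadcast:", verify(b"forged", sig, key.n, key.e))
```

The tag's work is reduced to storing the `(identifier, signature)` pairs and broadcasting them; all modular exponentiation happens on the phone, the operator and the finder. The finder-side `verify` is the "attestation only prior to reporting" step, and a nearby attacker can still make a finder spend that verification cost on junk broadcasts, which is the trade-off the reply notes.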
The vast majority of the value of the Tiles I own isn't figuring out where my keys might have been moved by someone else since I lost them, it is noticing (and remembering) when (and where) I left them and then helping me zero in on them once I am back there, something that can be done entirely using just my phone. The remaining product once you support those two features--neither of which require a "network"--has only niche applications to edge cases involving losing things and stalking people (as well as adding a bunch of difficult-to-avoid third-party surveillance).
I am responding to "Without the network, you don't have much of a product." and believe that my comment correctly and directly disproves that assertion.