AirTags: Apple’s Next Little Thing

New iPhones are cool. The new entry-level iPhone is cool, the upcoming iPhone 12. Cool. But sometimes it’s what comes with new iPhones that ends up being really cool. Like the iPhone 7 and AirPods.

And… I think it’s about to happen again. With AirTags.

If you’re not familiar with the term, AirTags are the long-rumored little thin-mint shaped accessories from Apple that’ll give pretty much anything you own Find my iPhone-like capabilities. Maybe better.

Now, Apple hasn’t announced AirTags yet, not at the September 2019 iPhone 11 event that was… or at any March 2020 iPhone event that wasn’t.


Apple has been slow jamming all the set up work for them for over a year already, starting with the new Find My network last June at WWDC 2019 and a deeper dive at BlackHat 2020.

Now, as you know, I’m never as interested in the what and when as I am the how and why.

So, let’s start with the how, or the highly differentiated user experience in Apple parlance.

I figure it’s going to go something like this:

You unbox your AirTags and immediately pair them with your iPhone or iPad. On the outside, it’s super slick and easy, just like AirPods. Tap to connect and done.

On the inside, though, something really clever happens. And it’s all about privacy and security.

The set up creates an elliptic curve P-224 private key pair as well as a symmetric key and stores both in your iCloud Keychain, Apple’s built-in security system, and then syncs it to all your other Apple devices over secure CloudKit. The same way health data and other sensitive information gets synced.

Then, let’s say you put an AirTag in your house keys and…

…promptly lose your house keys.

Maybe on your next trip to the supermarket because that’s pretty much the only place many of us can go right now.

OK, so, what AirTags do, their literal one job, is to broadcast a Bluetooth Low Energy beacon. Think of it as an utterly silent ping… ping… ping. That just says “I am here.”

Now, the beacon is based on your symmetric key which, because of P-224, is 28 bytes, and fits just ever so nicely inside the 32-byte packet limit for Bluetooth 5.0.

Because it’s Bluetooth, it doesn’t matter that the AirTag isn’t on Wi-Fi or a cellular network. It doesn’t need to get on the world wide internet. It’s just raising its electromagnetic hand locally. Hyper locally. Within Bluetooth range.

Because it’s Low Energy, it’s also going to have minimal impact on battery life. Which is good. Because a dead AirTag would be much harder to find.

And, because the beacon is only BASED on your static symmetric key, even though it’s pinging away like the Red October over there, it makes it hard for anyone to use those pings to try and track you over time and space.

See, what it does is take your symmetric key and, every 15 minutes, uses it to generate a second key that’s based on your original key and that time interval. Then, it derives a third, public key and uses that to unlinkably diversify the actual data in the ping it’s so busy broadcasting out.

To ridiculously over simplify it, it’s like taking the letters of your name, adding all the letters that spell out the time, shaking them all together, then wrapping them up in a new rando lock-box every 15 minutes, and throwing the box into a lake filled with other boxes that are also changing, seemingly at random, every 15 minutes.

You know your name and you have the key to the box, but good luck to anyone else trying to break in and figure it all out.

What this means is, shopping malls can’t use the AirTag’s ping to log you as you go from store to store, not for longer than 15 minutes, and no one can use it to track your location for any longer than that either. Not in any place where there’s any density of Bluetooth activity.

Now, if someone else with an Apple device comes within Bluetooth range of the AirTag attached to your house keys, and they’ve also opted-in to the Find My network, they become what’s called a finder. And no, that doesn’t make the rest of us losers. Except for that yeah, we lost our wallet. But whatever.

Here’s what happens next:

The finder’s device, let’s say it’s an iPhone, will pick up the public key being broadcast by your AirTag and use it to ECIES encrypt the finder’s location. That data is then hashed into a lookup index using SHA256 and relayed to Apple.

So, Apple ends up having your public key and the location where it was broadcast stored for that lookup table.

Now, your identity remains private because the public key doesn’t contain anything about it. It’s just a pseudo-random blob of data. So, the finder has no way of knowing who you are just because they came within range of your AirTag or house keys.

And because this is all happening behind the scenes, the finder doesn’t even know they’re relaying any information to Apple or maybe even that your house keys are there. Not unless they stumble on them completely separately from the Find My system.

Second, if you’re the finder, you don’t have to worry about your privacy either. The location data comes from your iPhone using typical location services — Wi-Fi router mapping, cellular triangulation, assisted GPS, but nothing aside from the location is sent. Nothing that says you’re the one at that location. You could literally be anyone.

Also, because Bluetooth LE, and things like network coalescence, which basically just means Find My waits to relay until the processor and modem are waking up anyway, like to check for messages, there’s very little impact on the finder’s battery life either. Even if it’s constantly, passively, picking up pings. Just like it would be from AirPods, Apple Watch, AirDrop, or other accessories or features anyway.

And, the Find My network is opt-in. No one has to be a finder and relay AirTags if they don’t want to. Though, literally, the more the better for everyone.

The relay is encrypted from the finder’s device to Apple, so even if somebody bothered to try and eavesdrop on it, all they’d get is that pseudo-random blob. And, since Apple doesn’t have your private key, only your devices do, Apple can’t tell what’s in the blob either. Not that it’s for your device, not what time, and not where. All Apple can do is store the report or reports as they come in.

Ok, so, how do you get your house keys back?

Well, once you realize they’re missing, you turn on your iPhone, hit the Find My app, and tap on the AirTag that’s attached to them.

Then, your iPhone will first pull that AirTag’s information from iCloud Keychain and start going back and computing all the 15-minute interval public keys and lookup indexes it’s generated, and ask Apple’s servers for any matching reports.

If there are any, Apple will send them down, again as encrypted blobs between their servers and your iPhone so no one can listen in, and then your iPhone will ECIES decrypt them and show you where your AirTag has been, and when.
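The 15-minute rotation described earlier and the owner-side lookup in this step, as an added Python sketch (not Apple’s code and not from the original article). The HMAC-based derivation, the u·P + v·G diversification, the function names and the key values are assumptions made for illustration; the ECIES encryption of the location is left out, so each report is just an opaque string.

```python
import hashlib, hmac

# NIST P-224 (secp224r1): y^2 = x^3 - 3x + b over GF(P); N is the order of G.
P = 2**224 - 2**96 + 1
N = 0xffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d
G = (0xb70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21,
     0xbd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34)

def add(p1, p2):  # affine point addition; None is the point at infinity
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    m = ((3 * x1 * x1 - 3) * pow(2 * y1, -1, P) if p1 == p2
         else (y2 - y1) * pow(x2 - x1, -1, P)) % P
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add; not constant time, illustration only
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def diversifiers(sym_key, interval):  # assumed stand-in KDF giving scalars u, v
    d = hmac.new(sym_key, interval.to_bytes(8, "big"), hashlib.sha512).digest()
    return [int.from_bytes(h, "big") % (N - 1) + 1 for h in (d[:32], d[32:])]

def tag_beacon(owner_pub, sym_key, interval):  # tag side: public point only
    u, v = diversifiers(sym_key, interval)
    return add(mul(u, owner_pub), mul(v, G))[0].to_bytes(28, "big")

def lookup_index(beacon):  # what the server files a report under
    return hashlib.sha256(beacon).hexdigest()

def owner_search(d0, sym_key, intervals, server):  # owner side: private scalar d0
    hits = {}
    for i in intervals:
        u, v = diversifiers(sym_key, i)
        idx = lookup_index(mul((u * d0 + v) % N, G)[0].to_bytes(28, "big"))
        if idx in server:
            hits[i] = server[idx]
    return hits

def demo(d0=0x1f2e3d4c5b6a79880123456789abcdef, sym=b"constructed-sym-key"):
    # Constructed key material and one constructed report filed during interval 7.
    server = {lookup_index(tag_beacon(mul(d0, G), sym, 7)): "report@interval7"}
    return owner_search(d0, sym, range(10), server)
```

The tag derives each broadcast key from the owner’s public point alone, while the owner reaches the same 28-byte value from the private scalar, which is why only the owner’s devices can match and later decrypt a report.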

In other words, your house keys will just show up in Find My the way your iPhone or iPad or other Apple kit has for years now and, hopefully, you’ll simply be able to go out and pick them up. No frantic calls to families or locksmiths, not with all this going on as well.

Right now, today, you can use Find My to ping any device with a speaker — yes, fine, one ping only — so you can try to find them even if you can’t immediately see them.

But, accessibility not only demands options but really is for everyone. So, I imagine that soon you might be able to use things like the U1 spatial positioning chip in the iPhone 11 to laser pointer the location of your lost device, or the LiDAR scanner on the new iPad Pro to augment the reality of the world transparent around you and make your lost items glow. Like neon.

That’s the how. The why, in this case, I think is easy: AirTags, like AirPods, will further add to the value of owning an iPhone, and the network value of owning multiple Apple products. Yeah, the ecosystem play.

For Apple, they spent a decade building up the iPhone and iCloud as a platform so they can now use that platform to build up the next decade of products… and more recently, services. AirTags+?

For us, we get convenience and features greater than the sum of any individual part.

But, there will be a few questions, even controversies, Apple will have to address.

First, some people are going to worry that AirTags will be abused by bad actors. That someone could just drop one into your gym bag and use it to track you.

That’s something Apple should get ahead of right away, during the introduction, however it’s done.

Sure, people can do that already with similar, existing products like Tile. And never mind every action show on TV has had a plot or several showing exactly that being done with a cell phone. That won’t stop it being made all about Apple, because nothing makes a product or headline as mainstream as making it all about Apple.

Second, some people are going to accuse AirTags of stepping all over Tile, because Tile is similar and already exists. Just like there were headphones before AirPods and prior versions of pretty much everything Apple’s ever made.

Apple’s advantage will be integration with Apple devices in a way that’s not only unmatched by third parties but unmatchable. Tile’s will be the ability to do everything Apple typically refuses to do, like offer a lot of options, including cross-platform support for Android.

AirPods are super popular now, to be sure but, in part thanks to them, we now have very similar headsets and much better competition from a wide range of companies.

Apple could, and I’d argue should, offer APIs, application programming interfaces, for third parties to make all this stuff better for everybody. Sure, Sony or Tile wouldn’t be able to do anything like the custom silicon Apple will be pouring into their own accessories, but Apple should want any experience to always be better on Apple devices.