ROBERT-proximity-tracing/documents

EBID contain user/phone ID

pfif opened this issue · 0 comments

pfif commented

Problem: all EBIDs (the IDs sent over Bluetooth) contain an encrypted
version of the phone's ID. The key[1] used to encrypt the EBIDs is
stored on the server.

Here is an attack vector: a malicious actor sets up a computer that
records all the EBIDs broadcast by phones. It then manages to
obtain the key/keys used by the server to encrypt the EBIDs[2], and
decrypts them all. The malicious user will then have a record of all
the user IDs that came near that hub.

Possible solution?: Have EBIDs be random strings, and store these in a
map EBID -> ID. A trie data structure might also be used in order to make
the retrieval of an ID for an EBID among 86 400 000 000[3] fast?

[1] Maybe that key is rotated, maybe not; it's not specified.

[2] Not that far-fetched an idea when you consider the number of hacks and password leaks in recent years. It could also be a malicious state actor coming to power.

[3] (one key for every quarter over two weeks, for 30 000 000 users)
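Added example (not the issue author's code and not ROBERT's): the two EBID designs discussed above, side by side, with the sniffer-plus-leaked-secret attack run against each. A toy HMAC-SHA256 Feistel network stands in for whatever block cipher the server actually uses; the 8-byte EBID, the "24-bit epoch || 40-bit ID" plaintext layout, the user IDs and every class and function name are assumptions made for the example.

```python
"""EBID designs from the issue, side by side (added example, not ROBERT's code).

Encrypted design: EBID = Enc(K, epoch || ID); the server only keeps K.
Random design:    EBID = random bytes; the server keeps a table EBID -> (epoch, ID).
"""
import hashlib
import hmac
import secrets

ROUNDS = 8  # Feistel rounds of the stand-in cipher (assumption, not ROBERT's cipher)


def _round_fn(key: bytes, half: bytes, rnd: int) -> bytes:
    """Feistel round function: first 4 bytes of HMAC-SHA256(key, round || half)."""
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:4]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def prp_encrypt(key: bytes, block: bytes) -> bytes:
    """Encrypt one 8-byte block with a balanced Feistel network (stand-in cipher)."""
    assert len(block) == 8
    left, right = block[:4], block[4:]
    for rnd in range(ROUNDS):
        left, right = right, _xor(left, _round_fn(key, right, rnd))
    return left + right


def prp_decrypt(key: bytes, block: bytes) -> bytes:
    """Invert prp_encrypt by running the rounds backwards."""
    assert len(block) == 8
    left, right = block[:4], block[4:]
    for rnd in reversed(range(ROUNDS)):
        left, right = _xor(right, _round_fn(key, left, rnd)), left
    return left + right


def pack(epoch: int, user_id: int) -> bytes:
    """Assumed plaintext layout: 24-bit epoch || 40-bit permanent user ID."""
    return epoch.to_bytes(3, "big") + user_id.to_bytes(5, "big")


def unpack(block: bytes):
    return int.from_bytes(block[:3], "big"), int.from_bytes(block[3:], "big")


class EncryptedEbidServer:
    """Design the issue describes: EBIDs are ciphertexts, the server keeps only the key."""

    def __init__(self, key=None):
        self.key = key if key is not None else secrets.token_bytes(32)

    def issue(self, user_id: int, epoch: int) -> bytes:
        return prp_encrypt(self.key, pack(epoch, user_id))


class RandomEbidServer:
    """Proposed alternative: random EBIDs plus a server-side lookup table."""

    def __init__(self):
        self.table = {}  # EBID -> (epoch, user ID); the map the issue proposes

    def issue(self, user_id: int, epoch: int) -> bytes:
        ebid = secrets.token_bytes(8)
        while ebid in self.table:  # 64-bit collisions are negligible but cheap to rule out
            ebid = secrets.token_bytes(8)
        self.table[ebid] = (epoch, user_id)
        return ebid


def attacker_with_key(leaked_key: bytes, captured) -> set:
    """The attack in the issue: a sniffer log plus the server key yields every ID seen."""
    return {unpack(prp_decrypt(leaked_key, e))[1] for e in captured}


def attacker_with_table(leaked_table: dict, captured) -> set:
    """Against random EBIDs no key helps; only the leaked table links EBIDs back to IDs."""
    return {leaked_table[e][1] for e in captured if e in leaked_table}


def demo() -> dict:
    users = [0x0102030405, 0x00000000FF, 0xDEADBEEF00]  # constructed 40-bit IDs
    epoch = 4242
    enc_server = EncryptedEbidServer()
    sniffed = [enc_server.issue(u, epoch) for u in users]  # what the sniffer records
    rnd_server = RandomEbidServer()
    sniffed_rnd = [rnd_server.issue(u, epoch) for u in users]
    return {
        "users": set(users),
        # A wrong key turns the capture into garbage; the real key turns it into the IDs.
        "encrypted_wrong_key": attacker_with_key(secrets.token_bytes(32), sniffed),
        "encrypted_real_key": attacker_with_key(enc_server.key, sniffed),
        # Random EBIDs are unlinkable without the table and fully linkable with it.
        "random_no_table": attacker_with_table({}, sniffed_rnd),
        "random_leaked_table": attacker_with_table(rnd_server.table, sniffed_rnd),
    }


if __name__ == "__main__":
    for name, ids in demo().items():
        print(f"{name:22s} {sorted(ids)}")
```

Running `demo()` shows the point of the issue: with the server key, every recorded EBID resolves to a user ID. It also shows the caveat a reviewer of the proposal would raise: the EBID -> ID table is a single server-side secret of the same kind as the key, and exfiltrating it gives the attacker exactly the same record, so the proposal moves the secret rather than removing it; a trie over the random EBIDs would only speed up the lookup.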