The protocol is just registering a public key for each device to the server-side directory. A device-specific private key is generated and kept client-side on every device that logs in to iMessage.