Manualshelf

User guide

ManualsBrandsBlackberry ManualsOtherENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES
61626364656667686970
Because the BlackBerry Router protocol can proceed past the point that it detects corrupted data, the BlackBerry Router protocol
is unsuccessful at completion only. This measure is designed to prevent various timing attacks.
Process flow: Using the BlackBerry Router protocol to close an authenticated connection
1. The BlackBerry® Enterprise Server performs the following actions:
a. selects a random value r
C
, where 1 < r
c
< p - 1
b. calculates R
C
= r
C
P
c. calculates another R
C
value if R
C
= R
B
, or R
C
= R
D
d. sends the value R
C
to the BlackBerry Router
2. The BlackBerry Router performs the following actions:
a. verifies that the value R
C
is random when the value R
C
approaches the point at infinity
b. verifies that the value R
C
is random when the value R
C
= R
B
, or R
C
= R
D
c. selects a random value e
C
, where 1 < e
c
< p - 1
d. calculates another e
C
value if e
C
= e
D
, or e
c
= e
B
e. sends the value e
C
to the BlackBerry Enterprise Server
3. The BlackBerry Enterprise Server performs the following actions:
a. verifies that the value e
C
is random when the value e
C
= 0
b. verifies that the value e
C
is random when the value e
C
= e
B
, or e
C
= e
D
c. calculates y
C
= h - e
C
r
C
mod p
d. sends the value y
C
to the BlackBerry Router
4. The BlackBerry Router performs one of the following actions:
The BlackBerry Router closes the authenticated connection to the BlackBerry device on behalf of the BlackBerry
Enterprise Server if the BlackBerry Router accepts y
C
.
The BlackBerry Router does not close the authenticated connection to the BlackBerry device if the BlackBerry Router
calculates the following:
y
C
P
+
e
C
R
C
y
D
P + e
D
R
D
Process flow: Using the BlackBerry Router protocol to open an authenticated connection
1. The BlackBerry® device and BlackBerry® Enterprise Server hash the current device transport key using SHA-512.
2. The BlackBerry device performs the following actions:
a. selects a random value r
D,
where 1 < r
D
< p - 1 and calculates R
D
= r
D
P
Security Technical Overview
Opening a direct connection between a BlackBerry device and a BlackBerry Router
60