User guide
The PGP public key of the recipient indicates which encryption algorithm the recipient’s email application supports, and the BlackBerry device is designed to use that encryption algorithm. By default, if the PGP public key of the recipient does not include a list of encryption algorithms, the BlackBerry device encrypts the email message or PIN message using Triple DES.
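The following sketch is an added example, not BlackBerry code. It assumes the algorithm list is carried as the OpenPGP "preferred symmetric algorithms" signature subpacket (type 11 in RFC 4880) and uses a hypothetical select_cipher() policy to show the Triple DES fallback described above; the sample bytes are constructed.

```python
# Added example (not BlackBerry code): choosing the symmetric cipher for a recipient.
# Subpacket layout and algorithm IDs follow RFC 4880; select_cipher() is hypothetical.
SYM_ALGOS = {2: "TripleDES", 3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256"}
PREFERRED_SYMMETRIC = 11  # signature subpacket type carrying the preference list
TRIPLE_DES = 2            # fallback when the key lists no algorithms


def parse_subpackets(area: bytes) -> dict:
    """Split a signature subpacket area into {type: body}."""
    out, i = {}, 0
    while i < len(area):
        first = area[i]
        if first < 192:        # one-octet length
            length, i = first, i + 1
        elif first < 255:      # two-octet length
            low = int.from_bytes(area[i + 1:i + 2], "big")
            length, i = ((first - 192) << 8) + low + 192, i + 2
        else:                  # 0xFF followed by a four-octet length
            length, i = int.from_bytes(area[i + 1:i + 5], "big"), i + 5
        if length == 0 or i + length > len(area):
            raise ValueError("malformed or truncated subpacket")
        sub_type = area[i] & 0x7F  # clear the critical bit
        out.setdefault(sub_type, area[i + 1:i + length])
        i += length
    return out


def select_cipher(hashed_area: bytes, sender_supports: set) -> int:
    """Return the algorithm ID to use for a key with this subpacket area."""
    prefs = parse_subpackets(hashed_area).get(PREFERRED_SYMMETRIC, b"")
    for algo in prefs:  # recipient's order of preference
        if algo in sender_supports:
            return algo
    return TRIPLE_DES  # no list on the key, or no overlap


# Constructed sample subpacket areas (not taken from a real key).
KEY_FLAGS = bytes([0x02, 0x1B, 0x03])                  # type 27, one flag octet
WITH_PREFS = KEY_FLAGS + bytes([0x04, 0x0B, 9, 7, 2])  # AES256, AES128, 3DES
NO_PREFS = KEY_FLAGS                                   # no type 11 subpacket

if __name__ == "__main__":
    for label, area in (("with list", WITH_PREFS), ("no list", NO_PREFS)):
        print(label, "->", SYM_ALGOS[select_cipher(area, {2, 7, 9})])
```

Running the same check over a key inventory shows which recipients would receive Triple DES by default because their keys carry no preference list.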
Process flow: Sending an email message using PGP encryption
If a sender installs the PGP® Support Package for BlackBerry® smartphones on a BlackBerry device, the BlackBerry device encrypts outgoing email messages.
1. The BlackBerry device performs the following actions:
   a. uses the BlackBerry MDS Connection Service to retrieve the PGP public key of the recipient from the PGP® Universal Server, LDAP server, or DSML certificate server
   b. encrypts the email message using the PGP public key of the recipient
   c. uses BlackBerry transport layer encryption to encrypt the PGP encrypted message
   d. sends the message that is encrypted using BlackBerry transport layer encryption and PGP encryption to the BlackBerry® Enterprise Server
2. The BlackBerry Enterprise Server removes the BlackBerry transport layer encryption and sends the PGP encrypted message to the recipient.
Security Technical Overview
Extending messaging security using PGP encryption