Installation guide
BlackBerry Enterprise Solution Security
Extending BlackBerry device messaging security 17
The PGP Support Package includes tools for obtaining PGP keys and transferring them to the BlackBerry device
so that BlackBerry devices with the PGP Support Package installed can decrypt PGP protected messages and
users can read the decrypted messages on their BlackBerry devices. Users can digitally sign, encrypt, and send
PGP protected messages from their BlackBerry devices. Without the PGP Support Package, the BlackBerry device
receives PGP protected messages as unreadable cipher text.
Within the PGP Universal environment, the PGP Universal Server operates as a network appliance. The PGP
Universal Server specifies secure email policies that the PGP Universal Server administrator designs. The
BlackBerry device with the PGP Support Package installed enforces compliance with the PGP Universal secure
email policies for all email messages.
The PGP Support Package includes support for the following:
• using the PGP Universal Server to retrieve and enforce a secure email policy
• wireless fetching of PGP keys and PGP key status using either a PGP Universal Server or an external LDAP
PGP key server
• encrypting and decrypting PGP protected email and PIN messages
• verifying digital signatures on received email and PIN messages, and digitally signing outgoing email and
PIN messages
The BlackBerry device is designed to use the BlackBerry MDS connection service, which resides on the
BlackBerry Enterprise Server, to connect to the PGP Universal Server and to the external LDAP PGP key server(s)
that the user sets on the BlackBerry device. The connection service uses a standard protocol, such as HTTP or
TCP/IP, to enable the BlackBerry device to retrieve PGP keys and PGP key status from the PGP Universal Server
or an external LDAP PGP key server over the wireless network.
PGP security
PGP technology is designed to enable sender-to-recipient authentication and confidentiality and help maintain
data integrity and privacy from the time that the BlackBerry device user sends a message over the wireless
network until the message recipient decodes and reads the message.
PGP technology relies on public key cryptography (using private and public key pairs) to provide confidentiality,
integrity and authenticity.
PGP key types
The PGP Support Package uses public key cryptography with the following keys:
Key type: PGP public key
Description: The BlackBerry device uses the recipient’s PGP public key to encrypt outgoing email messages, and uses the sender’s PGP public key to verify digital signatures on received email messages. The PGP public key is designed to be distributed to and accessed by message recipients and senders without compromising security.

Key type: PGP private key
Description: The BlackBerry device uses the PGP private key to digitally sign outgoing email messages and decrypt received email messages. Private key information should remain private to the key owner.
PGP encryption
If the PGP Support Package is installed on a BlackBerry device, when a user sends a message from that
BlackBerry device, the BlackBerry device encrypts the message using the following process:
1. The BlackBerry device encrypts the message using the message recipient’s PGP public key.
2. The BlackBerry device uses standard BlackBerry encryption to encrypt the PGP encrypted message.
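The two-step process above, modelled as an added example written for this page (it is not BlackBerry's or PGP's code and does not produce OpenPGP packets): the PGP layer is a fresh AES-256-GCM session key wrapped with the recipient's public key by RSA-OAEP, standing in for PGP's session-key design, and the BlackBerry layer is AES-256-GCM under a device transport key. The RSA pair, the all-zero transport key and the message are constructed in place and are assumptions, as is the use of these particular algorithms.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)
// Constructed keys (assumptions, not from the guide): an RSA pair stands in for the recipient's
// PGP key pair, transportKey for the standard BlackBerry device transport key (all-zero here).
var recipientKey, _ = rsa.GenerateKey(rand.Reader, 2048)
var transportKey = make([]byte, 32)
// Seal and Open are AES-256-GCM with the nonce prefixed to the ciphertext; both layers use them.
func Seal(key, pt []byte) []byte {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	return gcm.Seal(nonce, nonce, pt, nil)
}
func Open(key, ct []byte) ([]byte, error) {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	if len(ct) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, ct[:gcm.NonceSize()], ct[gcm.NonceSize():], nil)
}
// Step 1 (PGP layer): encrypt under a fresh session key wrapped with the recipient's public key (RSA-OAEP).
// Step 2: standard BlackBerry transport encryption over it; Open(transportKey, wire) alone yields PGP cipher text.
func Send(msg []byte) []byte {
	session := make([]byte, 32)
	rand.Read(session)
	wrapped, _ := rsa.EncryptOAEP(sha256.New(), rand.Reader, &recipientKey.PublicKey, session, nil)
	return Seal(transportKey, append(wrapped, Seal(session, msg)...))
}
// A device with the PGP Support Package strips the transport layer, then unwraps the session key with its private key.
func ReceiveWithPGP(wire []byte) ([]byte, error) {
	inner, err := Open(transportKey, wire)
	if err != nil || len(inner) < recipientKey.Size() {
		return nil, errors.New("transport layer failed or wrapped session key missing")
	}
	session, err := rsa.DecryptOAEP(sha256.New(), nil, recipientKey, inner[:recipientKey.Size()], nil)
	if err != nil {
		return nil, err
	}
	return Open(session, inner[recipientKey.Size():])
}
```

A device without the PGP Support Package is modelled by calling Open(transportKey, wire) on its own: the transport layer comes off, but what remains is still PGP cipher text.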
www.blackberry.com