User guide

BlackBerry Smart Card Reader Security
Contents
BlackBerry Smart Card Reader
Authenticating a user using a smart card
Integrating a smart card with existing secure messaging technology
New in this release
System requirements
System architecture
BlackBerry Enterprise Solution security
Bluetooth enabled BlackBerry devices
Managing Bluetooth enabled BlackBerry devices
Bluetooth security measures on the BlackBerry Smart Card Reader
BlackBerry Smart Card Reader security
Managing third-party application Bluetooth connections to the BlackBerry Smart Card Reader
Managing BlackBerry Smart Card Reader technology
Establishing an encrypted and authenticated connection to the BlackBerry Smart Card Reader
Performing the Bluetooth pairing process and the secure pairing process on the BlackBerry device
Performing the Bluetooth pairing process and the secure pairing process on the computer
Initial key establishment protocol used in the secure pairing process
Connection key establishment protocol used in the secure pairing process
Encrypting and authenticating data on the application layer
Using two-factor authentication
Turning on two-factor authentication on the BlackBerry device
Setting two-factor authentication on the computer
Related resources
Appendix A: BlackBerry Smart Card Reader supported algorithms
Appendix B: Connection key establishment protocol errors
Appendix C: Application layer protocol encryption and authentication
Appendix D: BlackBerry Smart Card Reader shared cryptosystem parameters
Appendix E: Examples of attacks that the BlackBerry Smart Card Reader security protocols are designed to prevent
Eavesdropping
Impersonating a BlackBerry device or computer
Impersonating a BlackBerry Smart Card Reader
Man-in-the-middle attack
Offline attack
Offline dictionary attack
© 2006 Research In Motion Limited. All rights reserved.
www.blackberry.com