User guide

BlackBerry Smart Card Reader security
The BlackBerry Smart Card Reader is designed to provide strong authentication to prevent offline and online
dictionary attacks using the following security methods by default.
Security method: Description

Secure connections
The BlackBerry Smart Card Reader uses processes designed to
- pair the BlackBerry Smart Card Reader with the Bluetooth enabled BlackBerry device or computer using a Bluetooth pairing key to establish a Bluetooth connection between them
- pair the smart card with the Bluetooth enabled BlackBerry device or computer using a secure pairing key to establish an authenticated connection between them
- establish session keys to protect data that the BlackBerry device or computer and the BlackBerry Smart Card Reader send between them on the application layer over the Bluetooth connection

Shared master encryption key
The BlackBerry Smart Card Reader creates a shared master encryption key from the secure pairing key and a secret private key that the BlackBerry Smart Card Reader sets.

BlackBerry Smart Card Reader password
The first BlackBerry device or computer to connect to the BlackBerry Smart Card Reader after the BlackBerry Smart Card Reader resets, which removes the Bluetooth pairing information, must set a connection password. This password protects the encryption keys on the BlackBerry Smart Card Reader in the same way that the BlackBerry device password protects the data on the BlackBerry device.

Any debugging application that tries to connect to the BlackBerry Smart Card Reader over the USB connection cannot connect unless that application knows the password.

After ten unsuccessful password attempts, the BlackBerry Smart Card Reader erases all of its data, including the password. See “Appendix G: BlackBerry Smart Card Reader reset process” on page 26 for more information.

Protected key storage
To help limit the risk of key disclosure, the BlackBerry Smart Card Reader is designed to store all keys in its RAM only and does not write keys to its flash memory. To take the BlackBerry Smart Card Reader apart, the user must remove the battery, thereby clearing all of the keys on the BlackBerry Smart Card Reader.

BlackBerry devices that run the BlackBerry Device Software Version 4.1 or later and the computer store the current secure pairing key and the shared master encryption key in their respective RAM only. BlackBerry devices that run BlackBerry Device Software versions earlier than version 4.1 store the secure pairing key and the shared master encryption key in a key store database in BlackBerry device flash memory.
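
The password and key-storage rows above describe a policy that can be modelled in a few lines: keys held only in RAM, a password set by the first connection after a reset, and a full wipe on the tenth wrong attempt. The following C sketch is an added example, not BlackBerry's firmware; the structure, function names, key and password sizes, and the choice to reset the failure counter after a correct password are assumptions.

```c
/* Model of the connection-password policy described above (added example).
   Names, sizes and resetting the counter on success are assumptions. */
#include <stddef.h>
#include <string.h>

#define MAX_ATTEMPTS 10  /* the guide: ten unsuccessful attempts */
#define KEY_LEN 32       /* assumed */
#define PW_MAX 32        /* assumed */

typedef struct {
    unsigned char pairing_key[KEY_LEN], master_key[KEY_LEN]; /* RAM only */
    unsigned char password[PW_MAX];
    size_t pw_len;   /* 0 = no password set (reader was just reset) */
    unsigned failed; /* consecutive wrong attempts */
} reader_state;

/* Zero through a volatile pointer so the compiler cannot drop the wipe. */
void reader_wipe(reader_state *r) {
    volatile unsigned char *p = (volatile unsigned char *)r;
    for (size_t i = 0; i < sizeof *r; i++) p[i] = 0;
}

/* First connection after a reset sets the password; returns 0 on success. */
int reader_set_password(reader_state *r, const char *pw) {
    size_t n = strlen(pw);
    if (r->pw_len != 0 || n == 0 || n > PW_MAX) return -1;
    memcpy(r->password, pw, n);
    r->pw_len = n;
    return 0;
}

/* Returns 1 = unlocked, 0 = wrong password, -1 = wiped or no password set. */
int reader_unlock(reader_state *r, const char *pw) {
    size_t n = strlen(pw);
    unsigned char diff = (unsigned char)(n != r->pw_len);
    if (r->pw_len == 0) return -1;
    /* Check every stored byte so timing does not show the first mismatch. */
    for (size_t i = 0; i < r->pw_len; i++)
        diff |= (unsigned char)(r->password[i] ^ (unsigned char)(i < n ? pw[i] : 0));
    if (diff == 0) { r->failed = 0; return 1; }
    if (++r->failed >= MAX_ATTEMPTS) { reader_wipe(r); return -1; }
    return 0;
}

int main(void) {
    reader_state r = {0};
    reader_set_password(&r, "constructed-pw");
    for (int i = 0; i < MAX_ATTEMPTS; i++) reader_unlock(&r, "guess");
    return r.pw_len == 0 ? 0 : 1; /* 0: the tenth failure wiped the state */
}
```

After the wipe the model is back in the just-reset state, so the next connection has to set a new password before anything can be unlocked.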
www.blackberry.com