User guide

BlackBerry Smart Card Reader Security

Security method: Code signing

Description: Before you or a user can run a permitted third-party application that uses the controlled APIs on the BlackBerry device, the Research In Motion (RIM) signing authority system must use public key cryptography to authorize and authenticate the application code.

The BlackBerry Smart Card Reader uses code signing to prevent users from loading third-party code onto the BlackBerry Smart Card Reader. When RIM manufactures the BlackBerry Smart Card Reader, it installs a public key into the secure boot ROM of the BlackBerry Smart Card Reader and uses the corresponding private key to sign the BlackBerry Smart Card Reader operating systems. When RIM loads an operating system and Java Virtual Machine onto the BlackBerry Smart Card Reader, the boot ROM verifies the signature on the loaded operating system. If the boot ROM determines that the signature is not valid, it rejects the operating system.

See the BlackBerry Enterprise Solution Security Technical Overview for more information on code signing.

Security method: Random number generation

Description: In the BlackBerry Smart Card Reader, the following sources of entropy seed the random number generator:

- RIM manufactures each BlackBerry Smart Card Reader with a random 64-byte value (a seed). This provides the BlackBerry Smart Card Reader with entropy before the wireless transceiver is turned on.
- When the initial key establishment protocol establishes the master encryption key and the connection key establishment protocol establishes the connection key that the BlackBerry device or computer and the BlackBerry Smart Card Reader use to send data between them, the BlackBerry device or computer and the BlackBerry Smart Card Reader use SHA-512 to hash all of the packets that they send and receive between them and add the hashed packets to the entropy pool.
- Each time the BlackBerry device or computer and the BlackBerry Smart Card Reader negotiate keys during the initial key establishment protocol and the connection key establishment protocol, the BlackBerry device or computer sends a 64-byte seed to the BlackBerry Smart Card Reader. The BlackBerry Smart Card Reader adds this value to its random source.

See the BlackBerry Enterprise Solution Security Technical Overview for more information on the BlackBerry device random number generation process.
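Added example (not RIM code and not part of the original guide): a sketch of how the three entropy sources listed above can be folded into one pool. The `EntropyPool` class, the label strings, the hash-chaining construction and the sample packets are assumptions made for illustration; the guide states only the sources, the 64-byte seed sizes and the use of SHA-512.

```python
import hashlib

SEED_LEN = 64  # seed size stated in the guide, in bytes


class EntropyPool:
    """Illustrative pool; chaining as SHA-512(state || label || len || data) is an assumption."""

    def __init__(self, factory_seed: bytes):
        self._state = bytes(SEED_LEN)
        # Source 1: the random 64-byte value installed at manufacture.
        self._mix(b"factory-seed", self._checked(factory_seed))

    @staticmethod
    def _checked(seed: bytes) -> bytes:
        if len(seed) != SEED_LEN:
            raise ValueError(f"seed must be {SEED_LEN} bytes, got {len(seed)}")
        return seed

    def _mix(self, label: bytes, data: bytes) -> None:
        # New input is folded into the old state instead of replacing it,
        # so an input known to an observer cannot reset the pool.
        framed = label + len(data).to_bytes(4, "big") + data
        self._state = hashlib.sha512(self._state + framed).digest()

    def add_key_establishment_packets(self, packets) -> None:
        # Source 2: SHA-512 over every packet sent and received, length-prefixed
        # so that packet boundaries affect the digest.
        h = hashlib.sha512()
        for p in packets:
            h.update(len(p).to_bytes(4, "big") + p)
        self._mix(b"packets", h.digest())

    def add_peer_seed(self, seed: bytes) -> None:
        # Source 3: the 64-byte seed sent by the BlackBerry device or computer.
        self._mix(b"peer-seed", self._checked(seed))

    def state(self) -> bytes:
        return self._state


def seed_reader(factory_seed: bytes, packets, peer_seed: bytes) -> bytes:
    """Apply the three sources in the order the guide lists them."""
    pool = EntropyPool(factory_seed)
    pool.add_key_establishment_packets(packets)
    pool.add_peer_seed(peer_seed)
    return pool.state()


# Constructed sample inputs (not real device data).
FACTORY_A, FACTORY_B = bytes([0xA1]) * 64, bytes([0xB2]) * 64
PACKETS = [b"reader->device: hello", b"device->reader: reply"]
PEER_SEED = bytes(range(64))
```

In this sketch, two readers that see the same packets and the same peer seed still end in different pool states, because their factory seeds differ.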
www.blackberry.com