Installation guide
BlackBerry Enterprise Solution 80
device. The attacker must send master encryption key value (s) to the BlackBerry Enterprise Server, which
requires effectively solving the discrete log problem to determine s or the hash of s.
Impersonating a BlackBerry Enterprise Server
An impersonation of the BlackBerry Enterprise Server occurs when the attacker sends messages to the
BlackBerry device so that the BlackBerry device believes it is communicating with the BlackBerry Enterprise
Server. The attacker must send s to the BlackBerry device, which requires effectively solving the discrete log
problem to determine s or the hash of s.
Process flow: Using the BlackBerry Router protocol to open an authenticated connection
1. The BlackBerry device and the BlackBerry Enterprise Server both hash the current BlackBerry device master
encryption key using SHA-512.
2. The BlackBerry device picks a random value $r_D$, where $1 < r_D < p - 1$, and calculates
$R_D = r_D P$.
3. The BlackBerry device sends $R_D$ and KeyID, a master encryption key identifier, to the BlackBerry
Enterprise Server.
4. The BlackBerry Router observes the data that the BlackBerry device sends and confirms that the value
$R_D$ is not the point at infinity. If $R_D$ is the point at infinity, the BlackBerry Router sets $R_D$
to a random value.
5. The BlackBerry Router forwards $R_D$ and KeyID to the BlackBerry Enterprise Server.
6. The BlackBerry Enterprise Server calculates that as $R_D$ approaches the point at infinity, $R_D$ is
random.
7. The BlackBerry Enterprise Server picks a random value $r_B$, where $1 < r_B < p - 1$, and calculates
$R_B = r_B P$.
If $R_D$ equals $R_B$, the BlackBerry Enterprise Server calculates another value of $R_B$.
8. The BlackBerry Enterprise Server picks a random value $e_D$, where $1 < e_D < p - 1$.
9. The BlackBerry Enterprise Server sends $R_B$, $e_D$, and KeyID to the BlackBerry device.
10. The BlackBerry Router observes the data that the BlackBerry Enterprise Server sends and confirms the
following calculations:
• checks that when the value $R_B$ approaches the point at infinity or $R_D$ equals $R_B$, the value
$R_B$ is random
• checks that when the value $e_D$ equals 0, the value $e_D$ is random
11. The BlackBerry Router forwards $R_B$, $e_D$, and KeyID to the BlackBerry device.
12. The BlackBerry device performs the following calculations:
• checks that when the value $R_B$ approaches the point at infinity or $R_D$ equals $R_B$, the value
$R_B$ is random
• checks that when the value $e_D$ equals 0, the value $e_D$ is random
• computes $y_D = h - e_D r_D \bmod p$
13. The BlackBerry device picks a random value $e_B$, where $1 < e_B < p - 1$.
14. The BlackBerry device sends $y_D$ and $e_B$ to the BlackBerry Enterprise Server.
15. The BlackBerry Router observes the data that the BlackBerry device sends and confirms that if $e_B$
equals 0 or $e_B$ equals $e_D$, the value $e_B$ is random.
16. The BlackBerry Router forwards $y_D$ and $e_B$ to the BlackBerry Enterprise Server.
17. The BlackBerry Enterprise Server performs the following calculations:
• checks that when the value $e_D$ equals $e_B$, the value $e_B$ is random
• checks that when the value $e_D$ equals 0, the value $e_D$ is random
• computes $y_B = h - e_B r_B \pmod{p}$
18. The BlackBerry Enterprise Server sends $y_B$ to the BlackBerry device.
19. The BlackBerry device receives $y_B$.
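The commitment, challenge and response arithmetic of steps 1 to 17, as an added example that is not part of the original guide and is not RIM's code. The toy curve, the reduction of the SHA-512 output mod p, and the final check yP + eR = hP (which follows algebraically from y = h - er but is not stated in this excerpt) are assumptions.

```python
import hashlib, secrets

# Constructed toy curve y^2 = x^3 + 2x + 2 over F_17: readable numbers, NOT secure.
F, A = 17, 2      # field prime and coefficient a (assumed; the page names no curve)
P = (5, 1)        # the page's base point P
p = 19            # order of P: the page's p in "1 < r < p - 1" and "mod p"
INF = None        # point at infinity

def add(Q, S):
    """Affine point addition on the toy curve."""
    if Q is INF: return S
    if S is INF: return Q
    (x1, y1), (x2, y2) = Q, S
    if x1 == x2 and (y1 + y2) % F == 0:
        return INF                      # Q + (-Q), or doubling a point with y = 0
    num, den = (3 * x1 * x1 + A, 2 * y1) if Q == S else (y2 - y1, x2 - x1)
    lam = num * pow(den, -1, F) % F
    x3 = (lam * lam - x1 - x2) % F
    return (x3, (lam * (x1 - x3) - y1) % F)

def mul(k, Q):
    """Double-and-add scalar multiplication kQ."""
    R = INF
    while k:
        if k & 1: R = add(R, Q)
        Q, k = add(Q, Q), k >> 1
    return R

def key_hash(master_key: bytes) -> int:
    """Step 1: h = SHA-512(master key); reducing it mod p is an assumption."""
    return int.from_bytes(hashlib.sha512(master_key).digest(), "big") % p

def rand_scalar() -> int:
    """Steps 2, 7, 8, 13: random value v with 1 < v < p - 1."""
    return 2 + secrets.randbelow(p - 3)

def respond(h, e, r):
    """Steps 12 and 17: y = h - e*r mod p."""
    return (h - e * r) % p

def verify(h, R, e, y):
    """Assumed peer check (not in the excerpt): yP + eR == hP, since y + e*r = h."""
    if R is INF or e % p == 0:          # degenerate values the page's steps screen out
        return False
    return add(mul(y, P), mul(e, R)) == mul(h, P)
```

With e = 0 the response collapses to y = h, so the hash of the master encryption key would go over the wire unmasked; that is the case the zero-challenge checks in steps 10, 12, 15 and 17 guard against.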
© 2008 Research In Motion Limited. All rights reserved.
www.blackberry.com