User guide
Key                        Description
content protection key     The content protection key encrypts user data on the device when the device is locked.
device transport key       The device transport key encrypts the message keys.
ECC private key            The ECC private key decrypts data when the user unlocks the device.
ECC public key             The ECC public key encrypts the stored data that the device receives when the device is locked.
ephemeral key              The ephemeral key encrypts the ECC public key, ECC private key, and content protection key on the device.
PIN encryption key         The PIN encryption key scrambles PIN messages.
principal encryption key   If you or a user turns on content protection, the principal encryption key encrypts the device transport key and PIN encryption key that is specific to your organization when the device is locked.
message keys               The message keys encrypt data sent to and from the device.
Enforcing the FIPS mode of operation on a device
FIPS are computer-system standards that were developed by the United States federal government and specify
requirements for security algorithms. The BlackBerry device uses the AES cipher-based DRBG as the FIPS-validated
random source. The device uses the FIPS 186-2 DSA PRNG as the non-FIPS random source. You can configure the
Enforce FIPS Mode of Operation IT policy rule to specify whether a device must operate in FIPS mode.
You can also configure the Force Cryptographic Power Analysis Protection IT policy rule to specify whether a device must
use algorithms that are protected against cryptographic power analysis (if available).
If the Enforce FIPS Mode of Operation IT policy rule or the Force Cryptographic Power Analysis Protection IT policy rule is
enabled, the device displays this information in the Security Status Information section, in the Security options on the
device.
For more information about using IT policy rules, see the BlackBerry Enterprise Server Policy Reference Guide. For more
information about the DRBG function, see NIST Special Publication 800-90. For more information about the DSA PRNG
function, see Federal Information Processing Standard - FIPS PUB 186-2.
Security Technical Overview Keys on a device