User guide
4. The BlackBerry Router performs one of the following actions:
• The BlackBerry Router closes the authenticated connection to the BlackBerry device on behalf of the BlackBerry
Enterprise Server if the BlackBerry Router accepts y
C
.
• The BlackBerry Router does not close the authenticated connection to the device if the BlackBerry Router
calculates the following:
y
C
P + e
C
R
C
≠ y
D
P + e
D
R
D
Cryptosystem parameters that the BlackBerry Router
protocol uses
The BlackBerry Router, BlackBerry Enterprise Server, and BlackBerry device are designed to share the following
cryptosystem parameters when they use the BlackBerry Router protocol.
Parameter Description
E(Fq) This parameter represents the NIST approved 521-bit random elliptic curve over Fq, which
has a cofactor of 1. The BlackBerry Router protocol does all math operations in the groups
E(Fq) and Z
p
.
Fq This parameter represents a finite field of prime order q.
P This parameter represents a point of E that generates a prime subgroup of E(Fq) of order p.
xR This parameter represents the elliptic curve scalar multiplication, where x is the scalar and R
is a point on E(Fq).
s This parameter represents the value of the device transport key.
h This parameter represents the SHA-512 hash of s.
Security Technical Overview Protecting communication with a device
82