Device transport keys
The device transport key encrypts the message keys that help protect the data sent between a BlackBerry® Enterprise Server and BlackBerry device. The BlackBerry Enterprise Server and BlackBerry device generate the device transport key when a user activates the BlackBerry device.
The BlackBerry Enterprise Server and BlackBerry device do not send the device transport key over the wireless network when they generate the device transport key or when they exchange messages.
The BlackBerry® Enterprise Solution is designed so that only the BlackBerry Enterprise Server and BlackBerry device know the value of the device transport key. The BlackBerry Enterprise Server and BlackBerry device reject a data packet if they do not recognize the format of a data packet or do not recognize the device transport key that protects the data packet.
States for device transport keys
The BlackBerry® Enterprise Solution generates device transport keys on a regular basis so that a potentially malicious user cannot access all data sent between a BlackBerry® Enterprise Server and BlackBerry device if that user compromises a device transport key. As the BlackBerry Enterprise Solution generates device transport keys, the device transport keys change state from pending to current to previous.
Where the BlackBerry Enterprise Solution stores device transport keys
The BlackBerry® Enterprise Solution stores current, pending, and previous device transport keys in the BlackBerry Configuration Database, in the messaging environment, and on each BlackBerry device.
A BlackBerry device stores the device transport keys in a key store database in flash memory. The key store database is designed to prevent a potentially malicious user from copying the device transport keys to a computer by trying to back up the device transport keys. A potentially malicious user cannot extract key data from flash memory.
To avoid compromising the device transport keys that are stored in the BlackBerry Configuration Database or in the messaging environment, you must protect the BlackBerry Configuration Database and the storage location of the device transport key in the messaging environment.
Where the BlackBerry Enterprise Solution stores device transport keys in a Microsoft Exchange environment
- message of class RIM.BlackBerry.Handheld.Config that contains the user's configuration information, including the device transport key
- device transport keys in binary form with tags that indicate whether the status of the device transport keys is pending (0x6002 tag), current (0x6003 tag), or previous (0x6004 tag)
Where the BlackBerry Enterprise Solution stores the device transport keys in an IBM Lotus Domino environment
In an IBM® Lotus® Domino® environment, the BlackBerry® Enterprise Solution stores the device transport keys in a Lotus Domino database that is named BlackBerryProfiles.nsf. The BlackBerry profiles database contains configuration information for every user account that exists in the Data directory. The BlackBerry profiles database stores an account record that contains the RIMCurrentEncryptionKeyText field, RIMPendingEncryptionKeyText field, and RIMPreviousEncryptionKeyText field. These fields store the device transport keys for every user account as hexadecimal strings of alphanumeric characters.
Generating device transport keys
Generating the first device transport key for a BlackBerry device during the activation process
If a user connects a BlackBerry® device to a computer for the first time and activates the BlackBerry device, the BlackBerry® Desktop Software generates the device transport key and sends it to the BlackBerry device and messaging server.
If a user activates the BlackBerry device over the wireless network, the BlackBerry® Enterprise Server and BlackBerry device negotiate to select the strongest algorithm that they both support (either AES or Triple DES) and use that algorithm to generate a device transport key. To generate public keys for key rollover on the BlackBerry device and create a strong, cryptographically protected connection between the BlackBerry Enterprise Server and BlackBerry device, the BlackBerry® Enterprise Solution uses the SPEKE authentication method and the activation password for the BlackBerry device.
For more information about the SPEKE authentication method, visit http://standards.ieee.org/ to read Password-Based Public Key Cryptography (P1363.2).
Security characteristics for generating the first device transport key
Generating subsequent device transport keys for a BlackBerry device
By default, the BlackBerry® Enterprise Server and BlackBerry device generate subsequent device transport keys every 30 days. If a pending device transport key exists and a user connects a BlackBerry device to a computer, the current device transport key on the BlackBerry device becomes the previous device transport key and the pending device transport key becomes the current device transport key. If no pending device transport key exists, you, the user, or the BlackBerry® Desktop Software can generate a device transport key.
The BlackBerry Enterprise Server and BlackBerry device generate the device transport key using existing long-term public keys and the ECMQV key exchange algorithm to negotiate a device transport key. This method is designed so that a potentially malicious user is unable to calculate the device transport key. The BlackBerry Enterprise Server and BlackBerry device discard the key pair after they generate the device transport key.
For more information about the ECMQV key exchange algorithm, see NIST: Special Publication 800-56: Recommendation on Key Establishment schemes, Draft 2.0 and the Guide to Elliptic Curve Cryptography.
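The state transitions that the preceding paragraphs describe (pending becomes current, current becomes previous, and a sync with no pending key changes nothing), as an added illustration that is not BlackBerry's own code: a small Python model of one user's key ring. The key bytes are random stand-ins for the ECMQV-negotiated key, the 30-day default interval and the 0x6002/0x6003/0x6004 status tags come from this document, and the class and method names are assumptions made here.

```python
"""Model of device transport key states: pending -> current -> previous.

Added illustration, not BlackBerry code. The rollover rule follows the text:
when a pending key exists and the device connects, the current key becomes
the previous key and the pending key becomes the current key. If no pending
key exists, a connection alone changes nothing; a key must be generated first.
"""
from dataclasses import dataclass
from typing import Dict, Optional
import secrets

ROLLOVER_DAYS = 30  # default regeneration interval stated in the text
# Status tags the text gives for keys stored in a Microsoft Exchange environment
TAG_PENDING, TAG_CURRENT, TAG_PREVIOUS = 0x6002, 0x6003, 0x6004


@dataclass
class TransportKeyRing:
    """One user's device transport keys, by state (hypothetical class name)."""
    current: Optional[bytes] = None
    pending: Optional[bytes] = None
    previous: Optional[bytes] = None
    days_since_rollover: int = 0

    def generate_pending(self, key_len: int = 32) -> bytes:
        """Create a pending key. Random bytes stand in for the real ECMQV
        negotiation between server and device (key_len 32 = 256-bit AES key)."""
        self.pending = secrets.token_bytes(key_len)
        return self.pending

    def rollover_due(self) -> bool:
        """True once the default 30-day interval has elapsed."""
        return self.days_since_rollover >= ROLLOVER_DAYS

    def on_device_sync(self) -> bool:
        """Apply the state change on connection. Returns True if a rollover
        happened, False if there was no pending key to promote."""
        if self.pending is None:
            return False
        self.previous, self.current, self.pending = self.current, self.pending, None
        self.days_since_rollover = 0
        return True

    def as_tagged_records(self) -> Dict[int, bytes]:
        """Map each stored key to the status tag it would carry."""
        records: Dict[int, bytes] = {}
        for tag, key in ((TAG_PENDING, self.pending),
                         (TAG_CURRENT, self.current),
                         (TAG_PREVIOUS, self.previous)):
            if key is not None:
                records[tag] = key
        return records


if __name__ == "__main__":
    ring = TransportKeyRing()
    ring.generate_pending()      # activation: first key is negotiated
    ring.on_device_sync()        # becomes the current key
    ring.generate_pending()      # 30 days later a new key is negotiated
    ring.on_device_sync()        # rollover: old current is now previous
    print({hex(t): k.hex()[:8] + "..." for t, k in ring.as_tagged_records().items()})
```

The point of keeping the previous key in the model is the one the document makes: after a rollover the ring holds exactly one current and one previous key, so compromise of a single key exposes at most the traffic of that key's own period.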
Security characteristics for generating subsequent device transport keys
| Characteristic | Description |
|---|---|
| authentication | Authentication means that only a BlackBerry® device that a user authenticates with or a BlackBerry® Enterprise Server can generate subsequent device transport keys. Authentication is designed so that a potentially malicious user cannot use another device to impersonate an activated BlackBerry device and generate a device transport key. |
| password independent | Password independent means that the user does not require an activation password and you do not have to perform any actions when you or a user generates a subsequent device transport key. |
| flexible initiation | Flexible initiation means that you or a user can generate a subsequent device transport key at any time. |
| PFS | PFS means that subsequent device transport keys are independent of previous device transport keys. A device transport key does not help the potentially malicious user decrypt data that another device transport key protects. |
Generating a device transport key manually
To generate a device transport key on an activated BlackBerry® device, a user can click Regenerate Encryption Key in the security options of the BlackBerry device options. The BlackBerry device sends the request to generate a device transport key to the BlackBerry® Enterprise Server over the wireless network.
A user can also generate a device transport key using the BlackBerry® Desktop Manager. By default, the BlackBerry Enterprise Server sends a request to the BlackBerry Desktop Manager every 30 days to prompt the user to generate a new device transport key on the BlackBerry device, even if the user chooses to generate the device transport key manually using the BlackBerry Desktop Manager.
You can use the BlackBerry Administration Service to start the process to generate a new device transport key.
Process flow: Generating a device transport key using BlackBerry Desktop Software version 4.0 or later
In BlackBerry® Desktop Software version 4.0 or later, the process to generate a device transport key uses the current time and cursor movements as the seeds to generate random data.
To generate the device transport key, the BlackBerry Desktop Software performs the following actions:
- prompts the user to move the cursor
- uses the srand function of the C programming language to examine the lowest 12 bits of the x and y co-ordinates of the new cursor location
If the bits are different from the previous sample, the BlackBerry Desktop Software stores the bits, which generates 3 bytes of randomness. If the bits are the same as the bits in the previous sample, the BlackBerry Desktop Software does not store any bits.
- uses the srand function to examine the next bits, after the srand function waited for a random interval between 50 milliseconds and 150 milliseconds
The srand function continues to wait for random intervals and examine bits until the BlackBerry Desktop Software stores 384 bytes of randomness.
- retrieves 384 bytes of randomness from the Microsoft® Cryptographic API, for a total of 768 bytes
- hashes the 384 bytes of randomness from the cursor co-ordinates and the 384 bytes of randomness from the Microsoft Cryptographic API with SHA-512 to produce 512 bits of data
- frees the computer memory that is associated with the unused bits
- generates the device transport key using the first 256 bits of data if the BlackBerry Desktop Software supports AES encryption, or the first 128 bits of data if the BlackBerry Desktop Software supports Triple DES encryption
- deletes any bits of data that it does not use to generate the device transport key
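The version 4.0 process flow above, as an added worked example that is not the BlackBerry Desktop Software's own code: cursor samples are supplied by the caller (here a constructed, deterministic path), `os.urandom` stands in for the Microsoft Cryptographic API, and the 50 to 150 millisecond sampling delay and the srand calls are not reproduced. The steps that are reproduced are the ones that determine the key: 3 bytes from the low 12 bits of each x and y sample, discarding a sample identical to the previous one, 384 bytes from each source, SHA-512 over the 768 bytes, and truncation to 256 bits for AES or 128 bits for Triple DES. Function names are assumptions made here.

```python
"""Entropy collection and transport key derivation modelled on the
BlackBerry Desktop Software 4.0+ process flow. Added illustration only.
"""
import hashlib
import os
from typing import Iterable, List, Optional, Tuple

CURSOR_ENTROPY_BYTES = 384            # from cursor co-ordinates
SYSTEM_ENTROPY_BYTES = 384            # from the system CSPRNG (CryptoAPI in the text)
KEY_BYTES = {"AES": 32, "Triple DES": 16}  # first 256 bits / first 128 bits of the hash


def pack_cursor_sample(x: int, y: int) -> bytes:
    """Lowest 12 bits of x and of y, packed into 3 bytes (24 bits)."""
    return (((x & 0xFFF) << 12) | (y & 0xFFF)).to_bytes(3, "big")


def collect_cursor_entropy(samples: Iterable[Tuple[int, int]],
                           needed: int = CURSOR_ENTROPY_BYTES) -> bytes:
    """Store 3 bytes for every sample whose low bits differ from the previous
    sample; an unchanged sample contributes nothing. Stops at `needed` bytes."""
    buf = bytearray()
    prev: Optional[bytes] = None
    for x, y in samples:
        cur = pack_cursor_sample(x, y)
        if cur == prev:
            continue                      # cursor did not move enough: no new bits
        buf += cur
        prev = cur
        if len(buf) >= needed:
            return bytes(buf[:needed])
    raise ValueError("cursor stream ended before %d bytes were collected" % needed)


def derive_transport_key(cursor_entropy: bytes, algorithm: str,
                         system_entropy: Optional[bytes] = None) -> bytes:
    """Mix both entropy sources with SHA-512 and truncate to the key size.
    `system_entropy` may be supplied for reproducible tests; by default it is
    drawn from os.urandom, which stands in for the Microsoft Cryptographic API."""
    if len(cursor_entropy) != CURSOR_ENTROPY_BYTES:
        raise ValueError("expected %d bytes of cursor entropy" % CURSOR_ENTROPY_BYTES)
    if system_entropy is None:
        system_entropy = os.urandom(SYSTEM_ENTROPY_BYTES)
    if len(system_entropy) != SYSTEM_ENTROPY_BYTES:
        raise ValueError("expected %d bytes of system entropy" % SYSTEM_ENTROPY_BYTES)
    digest = hashlib.sha512(cursor_entropy + system_entropy).digest()  # 512 bits
    return digest[:KEY_BYTES[algorithm]]


def constructed_cursor_path(n: int) -> List[Tuple[int, int]]:
    """Constructed test input (not real cursor data): a deterministic diagonal
    sweep in which every tenth sample repeats the previous position."""
    path: List[Tuple[int, int]] = []
    x = y = 0
    for i in range(n):
        if i % 10 != 9:
            x = (x + 37) % 1280
            y = (y + 53) % 1024
        path.append((x, y))
    return path


if __name__ == "__main__":
    cursor_bytes = collect_cursor_entropy(constructed_cursor_path(150))
    key = derive_transport_key(cursor_bytes, "AES")
    print("AES transport key: %d bytes" % len(key))
```

Two things the text states that this model cannot reproduce in Python: the intermediate bytes and the unused half of the digest are not reliably freed or deleted, because Python gives no control over when memory is overwritten, and the sampling interval is not randomised. A practitioner checking a real implementation would verify both of those steps, since the document lists them as part of the procedure.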
Process flow: Generating a device transport key using a BlackBerry Desktop Software version or BlackBerry Enterprise Server version that is earlier than version 4.0
In BlackBerry® Enterprise Server or BlackBerry® Desktop Software versions that are earlier than version 4.0, the process that generates a device transport key uses the current time and the cursor movements as the seeds to generate random data.
- The BlackBerry Desktop Software prompts the user to move the cursor.
- The BlackBerry Enterprise Server or BlackBerry Desktop Software generates 2 bits or 4 bits when the user moves the cursor, depending on whether the cursor movement changed one or both of the x and y axes. The BlackBerry Enterprise Server or BlackBerry Desktop Software generates bit samples in this way until it accumulates at least 8 bits.
- The srand function of the C programming language generates a random integer.
- The BlackBerry Enterprise Server or BlackBerry Desktop Software performs the following actions:
  - examines the least significant bit of the integer
  If the bit is a 1, the BlackBerry Enterprise Server or BlackBerry Desktop Software stores the complement of 1 bit of the accumulated 8 bits. Otherwise, the BlackBerry Enterprise Server or BlackBerry Desktop Software stores the unmodified accumulated 8 bits. This process is designed to make sure that, even if a user can replicate a previous user's cursor movements, the resulting value is still unique.
  - generates a sample of 256 random bits from the cursor movements of the user
  - uses the SHA-1 function to hash the 256 bits
  - generates the device transport key of the BlackBerry device using the first 128 bits of the hash