Protecting Bluetooth connections on a BlackBerry device
Bluetooth® wireless technology permits a Bluetooth enabled BlackBerry® device to open a wireless connection with other Bluetooth devices that are within a 10-meter range (for example, a hands-free car kit or wireless headset).
The BlackBerry device creates a Bluetooth profile, which specifies how applications on the BlackBerry device and on other Bluetooth devices connect and communicate. The BlackBerry device uses the Bluetooth profile to open serial connections to Bluetooth enabled devices using virtual serial ports.
- You or a user can turn off the Bluetooth wireless technology for the BlackBerry device.
- The user must request a connection or pairing on the BlackBerry device with another Bluetooth device and type a passkey (also known as a shared secret key) to complete the pairing.
- The user can specify whether to encrypt data sent to and from the BlackBerry device over a Bluetooth connection. The BlackBerry® Enterprise Solution uses the passkey to generate encryption keys.
- The BlackBerry device prompts the user each time a Bluetooth device tries to connect to the BlackBerry device.
For more information, see Security for BlackBerry Devices with Bluetooth Wireless Technology.
Using CHAP to open a Bluetooth connection between the BlackBerry Desktop Software and a BlackBerry device
A Bluetooth® enabled BlackBerry® device can use CHAP to open a Bluetooth connection to the BlackBerry® Desktop Software. To open a Bluetooth connection, the BlackBerry device or BlackBerry Desktop Software can use CHAP to send a challenge. The BlackBerry device or BlackBerry Desktop Software can subsequently use the SHA-1 algorithm to calculate a response to the challenge or to validate the response of the other party, depending on which party started the process to open the Bluetooth connection.
When the BlackBerry device uses CHAP, the BlackBerry device never sends the BlackBerry device password over an unprotected connection. The BlackBerry device combines the challenge with the BlackBerry device password to authenticate with the BlackBerry Desktop Software.
For more information about CHAP, see RFC 1994.