Security Technical Overview


Algorithms that the BlackBerry Enterprise Solution uses to encrypt data

The BlackBerry® Enterprise Solution uses AES or Triple DES as the symmetric key cryptographic algorithm for encrypting data. By default, the BlackBerry® Enterprise Server uses the strongest algorithm that both the BlackBerry Enterprise Server and the BlackBerry device support for BlackBerry transport layer encryption.

If you configure the BlackBerry Enterprise Server to support AES and Triple DES, by default, the BlackBerry Enterprise Solution generates device transport keys using AES encryption. If a device uses BlackBerry® Device Software version 3.7 or earlier or BlackBerry® Desktop Software version 3.7 or earlier, the BlackBerry Enterprise Solution generates the device transport keys of the device using Triple DES.

How the BlackBerry Enterprise Solution uses AES to encrypt data

By default, when a BlackBerry® device supports AES, the BlackBerry® Enterprise Solution uses AES for BlackBerry transport layer encryption. The BlackBerry Enterprise Solution uses AES in CBC mode to generate the message keys and device transport keys. Each key is 256 bits long.

BlackBerry® Enterprise Server version 4.0 or later, BlackBerry® Device Software version 4.0 or later, and BlackBerry® Desktop Software version 4.0 or later support AES.

For more information about how the BlackBerry Enterprise Server uses AES for BlackBerry transport layer encryption to communicate with devices, visit www.blackberry.com/support to read article KB05429.


How a device uses the AES algorithm to help protect user data and keys

The BlackBerry® device implementation of the AES algorithm is designed to help protect user data and keys (such as the device transport key and ephemeral key) from traditional attacks and side-channel attacks.

A traditional attack tries to exploit data that a cryptographic system stores or transmits. The potentially malicious user tries to determine the key or the plain-text data by exploiting a weakness in the design of the cryptographic algorithm or protocol.

In a side-channel attack, the potentially malicious user tries to exploit the physical properties of the device implementation of the AES algorithm using power analysis (for example, SPA and DPA) or electromagnetic analysis (for example, SEMA and DEMA). The potentially malicious user measures and analyzes the power consumption or the electromagnetic radiation that the device emits during cryptographic operations to try to determine the keys that the device uses. The device uses a masking operation, table splitting, and a random mask application to help protect the keys and plain-text data against side-channel attacks at all points during encryption and decryption.

Process flow: Running a masking operation during the first AES calculation when content protection is turned on

During the first AES calculation, the BlackBerry® device performs the following actions if you or a user turned on content protection:

  1. runs a masking operation by performing the following actions:
    1. creates a mask table (M), where each table entry is a random value
    2. creates a masked version of the S-Box table (S') that is used within AES
    3. periodically and randomly changes the order of all table entries
  2. runs the result of step 1 as the input through both M and S'
  3. combines the output of step 2 from M and S'
  4. deletes the mask and produces the AES output

Process flow: Running a masking operation during subsequent AES calculations when content protection is turned on

A BlackBerry® device performs the following actions:

  1. performs the masking operation by periodically and randomly permuting all table entries in every calculation
  2. runs the input through both M and S'
  3. combines the output from M and S'
  4. deletes the mask and produces the AES output

Process flow: Running a masking operation when a device does not use content protection

If you or a user did not turn on content protection, a BlackBerry® device performs the following actions during an AES calculation:

  1. masks the output from the round key
  2. masks the AES S-Box input
  3. masks the AES S-Box output

How the AES algorithm creates S-Box tables and uses round keys and masks

A BlackBerry® device permutes each AES S-Box entry at random and masks each entry with a random value.

The BlackBerry device masks the round keys with random values and any S-Box masks that the AES algorithm requires to work. Round keys are subkeys that the key schedule calculates for each round of encryption.

The BlackBerry device changes the random masks periodically and uses extra S-Box data to make identification of the S-Box table difficult, whether the BlackBerry device uses the S-Box table in the encryption process, decryption process, or key schedule process.
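The masking described in the three process flows and in the S-Box section above can be made concrete with a Boolean-masked table lookup. The following is an added example in Python; it is not code from the BlackBerry device or from RIM. It derives the AES S-box, builds a masked table S' such that S'[x ^ m_in] == S[x] ^ m_out, pre-masks the round key with the S-box input mask so the true AddRoundKey output is never formed, and strips the output mask only after the lookup. Changing m_in moves every entry to a new position, which is the only form of table permutation modelled here; the separate mask table M, the extra S-Box data, the per-byte unmasking, and the remask interval (remask_every) are simplifications and assumptions of this example, not details the page states.

```python
import secrets


def gf_mul(a: int, b: int) -> int:
    """Multiply two GF(2^8) elements modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    product = 0
    for _ in range(8):
        if b & 1:
            product ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return product


def gf_inv(a: int) -> int:
    """Multiplicative inverse in GF(2^8) computed as a^254; AES defines inv(0) = 0."""
    result, base, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exp >>= 1
    return result if a else 0


def build_sbox() -> list:
    """Derive the AES S-box: field inverse followed by the fixed affine transform."""
    sbox = []
    for x in range(256):
        inv = gf_inv(x)
        s = inv
        for i in range(1, 5):  # XOR of inv rotated left by 1..4 bits
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


class MaskedSbox:
    """Boolean-masked S-box S' with S'[x ^ m_in] == S[x] ^ m_out.

    Neither the true S-box input x nor the true output S[x] is ever used
    as a table index or read back from the table (assumed scheme for this example).
    """

    def __init__(self, sbox: list, remask_every: int = 16):
        self.sbox = sbox
        self.remask_every = remask_every  # refresh masks after this many lookups
        self.lookups = 0
        self.remask()

    def remask(self, m_in: int = None, m_out: int = None) -> None:
        """Pick fresh random masks and rebuild S'; explicit masks are for testing only."""
        self.m_in = secrets.randbelow(256) if m_in is None else m_in
        self.m_out = secrets.randbelow(256) if m_out is None else m_out
        table = [0] * 256
        for x in range(256):
            table[x ^ self.m_in] = self.sbox[x] ^ self.m_out  # entry moves to index x ^ m_in
        self.table = table

    def lookup(self, masked_x: int) -> int:
        """Index S' with an input already masked by m_in; result is S[x] ^ m_out."""
        return self.table[masked_x]


def masked_round_step(msbox: MaskedSbox, state: bytes, round_key: bytes) -> bytes:
    """AddRoundKey followed by SubBytes on a 16-byte state, every intermediate masked."""
    out = bytearray()
    for s, k in zip(state, round_key):
        if msbox.lookups and msbox.lookups % msbox.remask_every == 0:
            msbox.remask()                     # periodic, random mask refresh
        masked_key = k ^ msbox.m_in            # round key masked with the S-box input mask
        masked_in = s ^ masked_key             # equals (s ^ k) ^ m_in; s ^ k itself never appears
        masked_out = msbox.lookup(masked_in)   # equals S[s ^ k] ^ m_out
        out.append(masked_out ^ msbox.m_out)   # the mask is removed only here
        msbox.lookups += 1
    return bytes(out)


def reference_round_step(sbox: list, state: bytes, round_key: bytes) -> bytes:
    """Unmasked reference: the value the masked path must reproduce."""
    return bytes(sbox[s ^ k] for s, k in zip(state, round_key))


if __name__ == "__main__":
    sbox = build_sbox()
    msbox = MaskedSbox(sbox, remask_every=4)
    state = bytes(range(16))                    # constructed sample state
    rk = bytes([0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
                0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C])  # constructed round key
    assert masked_round_step(msbox, state, rk) == reference_round_step(sbox, state, rk)
    print("masked path matches reference; current masks", hex(msbox.m_in), hex(msbox.m_out))
```

The point of the construction is that a table index or table value observed through power or electromagnetic leakage is S[x] ^ m_out or x ^ m_in, which is uniformly distributed for a fresh random mask; remasking periodically keeps the masks from being averaged out over many operations.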


How the BlackBerry Enterprise Solution uses Triple DES to encrypt data

The BlackBerry® Enterprise Solution uses two-key Triple DES to generate message keys and device transport keys. In the three DES iterations, which run in outer CBC mode, the first 56-bit key encrypts the data, the second 56-bit key decrypts the data, and the first key encrypts the data again.

The BlackBerry Enterprise Solution stores the message keys and device transport keys as 128-bit binary strings, with the parity bit in the least significant bit of each of the 8 bytes of each DES key. The message keys and device transport keys have overall key lengths of 112 bits and include 16 bits of parity data.
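How the 128-bit stored form relates to the 112-bit effective key can be shown with a short key-format check. The following is an added example in Python, not BlackBerry Enterprise Solution code: it writes the parity bit into the least significant bit of each byte, verifies it, splits the 16-byte string into K1 and K2, and lays the key out as K1 || K2 || K1 for the encrypt-decrypt-encrypt order the section describes. Odd parity is the DES convention from FIPS PUB 46 and is assumed here because the page states only where the parity bit sits; the K1 == K2 check and the 24-byte layout are added caveats of this example, since equal keys reduce two-key Triple DES to single DES and many libraries take the three-key form.

```python
import secrets

DES_KEY_BYTES = 8       # one DES key: 8 bytes, 56 key bits plus 8 parity bits
STORED_KEY_BYTES = 16   # two DES keys stored as one 128-bit string


def set_odd_parity(key: bytes) -> bytes:
    """Rewrite the least significant bit of every byte so the byte has odd parity.

    Odd parity is the FIPS PUB 46 convention; assumed here, the page gives only the bit position.
    """
    out = bytearray()
    for b in key:
        data = b & 0xFE                           # upper seven bits carry key material
        ones = bin(data).count("1")
        out.append(data | (1 if ones % 2 == 0 else 0))
    return bytes(out)


def has_odd_parity(key: bytes) -> bool:
    """True when every byte, parity bit included, has an odd number of set bits."""
    return all(bin(b).count("1") % 2 == 1 for b in key)


def key_bit_layout(stored: bytes) -> dict:
    """Account for the bits of a stored key: 7 key bits and 1 parity bit per byte."""
    return {
        "stored_bits": len(stored) * 8,
        "effective_bits": len(stored) * 7,
        "parity_bits": len(stored),
    }


def split_two_key_tdes(stored: bytes):
    """Validate a 128-bit stored key and return (K1, K2)."""
    if len(stored) != STORED_KEY_BYTES:
        raise ValueError("expected %d bytes, got %d" % (STORED_KEY_BYTES, len(stored)))
    if not has_odd_parity(stored):
        raise ValueError("parity check failed: key is corrupted or not a DES key")
    k1, k2 = stored[:DES_KEY_BYTES], stored[DES_KEY_BYTES:]
    if k1 == k2:
        # Added caveat: E(K1) D(K1) E(K1) collapses to a single DES encryption.
        raise ValueError("K1 == K2 reduces two-key Triple DES to single DES")
    return k1, k2


def is_usable_stored_key(stored: bytes) -> bool:
    """Boolean form of the checks in split_two_key_tdes."""
    try:
        split_two_key_tdes(stored)
        return True
    except ValueError:
        return False


def ede_key_bytes(stored: bytes) -> bytes:
    """Lay the key out as K1 || K2 || K1 (24 bytes): encrypt with K1, decrypt with K2, encrypt with K1."""
    k1, k2 = split_two_key_tdes(stored)
    return k1 + k2 + k1


def generate_stored_key() -> bytes:
    """Draw 128 random bits and fix the parity bits (constructed here; not the device key agreement)."""
    return set_odd_parity(secrets.token_bytes(STORED_KEY_BYTES))


if __name__ == "__main__":
    key = generate_stored_key()
    print(key.hex(), key_bit_layout(key), ede_key_bytes(key).hex())
```

A parity failure on a stored key is worth treating as corruption rather than silently correcting, because the 7 data bits of the affected byte can no longer be trusted either.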

All versions of the BlackBerry® Enterprise Server, BlackBerry® Device Software, and BlackBerry® Desktop Software support Triple DES.

For more information about Triple DES, see Federal Information Processing Standard FIPS PUB 81 [3].
