Security Technical Overview

Local Navigation

How the BlackBerry Enterprise Server components and the BlackBerry MVS protect communication

BlackBerry® Enterprise Server components and the BlackBerry® Mobile Voice System use the BlackBerry inter-process protocol to help protect the data that the components send to each other. The BlackBerry inter-process protocol uses a communication password to generate a session key that encrypts the data that the components send to each other. The BlackBerry Collaboration Service, BlackBerry MDS Connection Service, BlackBerry Policy Service, BlackBerry Synchronization Service, and BlackBerry MVS share a communication password. The BlackBerry Messaging Agent and BlackBerry Dispatcher share a different communication password. The communication passwords are designed to prevent a potentially malicious user from viewing data that the BlackBerry Enterprise Server components and the BlackBerry MVS send to each other.

When a BlackBerry Enterprise Server component or the BlackBerry MVS opens a connection to the BlackBerry Dispatcher, the BlackBerry inter-process protocol is designed to use SPEKE to generate the session key. The key generation process uses the communication password of the BlackBerry Enterprise Server component or BlackBerry MVS and generates an AES-256 encryption key, which is the session key. The BlackBerry Enterprise Server components and BlackBerry MVS use the session key to encrypt the data that the BlackBerry Enterprise Server components and BlackBerry MVS sends to other BlackBerry Enterprise Server components that share the same communication password.


Was this information helpful? Send us your comments.