The BlackBerry® Enterprise Solution uses a two-key Triple DES encryption algorithm to generate message keys and device transport keys. In the three iterations of the DES algorithm, the first 56-bit key in outer CBC mode encrypts the data, the second 56-bit key decrypts the data, and the first key encrypts the data again.

The BlackBerry Enterprise Solution stores the message keys and device transport keys as 128-bit binary strings with each parity bit in the least significant bit of each of the 8 bytes of key data. The message keys and device transport keys have overall key lengths of 112 bits and include 16 bits of parity data.

All versions of the BlackBerry® Enterprise Server, BlackBerry® Device Software, and BlackBerry® Desktop Software support Triple DES.

For more information about Triple DES, see Federal Information Processing Standard - FIPS PUB 81 [3].