Key exchange process

The BBM Enterprise key exchange process is protected by an EC-SPEKE passphrase. Protecting the exchange of public identity keys with a passphrase is a unique property of BBM Enterprise. The main purpose of this approach is to give the initiator and the recipient of a key exchange a strong cryptographic assurance that they hold each other's true, trusted identity keys. With trusted identity keys, users can be confident that only the intended recipients can join chats and receive messages.
  • Automatic passphrase exchange: Automatic passphrase exchange is the default in BBM Enterprise. It lets users exchange the passphrase required for the key exchange through an in-band mechanism instead of an out-of-band one. The sender's BBM Enterprise app generates the passphrase automatically and sends it to the recipient in a BBM Enterprise message; no user interaction is needed to set it up. With automatic passphrase exchange, BBM Enterprise seamlessly initiates a key exchange the first time it communicates with another user. The messages carrying the passphrase are transient. This method gives a convenient and fast chat setup, while leaving users the option to verify keys later using a manual passphrase key exchange or manual key verification. Because the passphrase travels over the same in-band channel as the key exchange itself, this mode on its own does not protect against an attacker who can intercept and alter that channel; the manual options below close that gap.
  • Manual passphrase exchange: With a manual passphrase exchange, the user who initiates the process sends the passphrase through an out-of-band mechanism, such as in person, by SMS, or by email. The shared secret can be a user-defined passphrase or an auto-generated passphrase suggested by BBM Enterprise. An attacker would have to compromise the shared secret exchange, which is harder because the attacker does not know when or how the secret will be shared. Because the secret is shared out-of-band, an attacker who wants to spoof an identity would need to intercept both the connection through the BlackBerry Infrastructure and the out-of-band channel, outside the BlackBerry Infrastructure, that the BBM Enterprise users use to exchange the shared secret. Without the correct passphrase, an attacker cannot complete the EC-SPEKE exchange and therefore cannot read or modify the BBM Enterprise traffic. To enable this option for all users, turn on the corresponding IT policy in the BBM Enterprise user management console. Additionally, users with BBM Enterprise version 1.8 can, at any time, use the "Share Passphrase" option in a 1:1 chat to start a manual passphrase key exchange with the chat participant, irrespective of the IT policy settings.
  • Manual key verification: Starting in BBM Enterprise version 1.8, manual key verification is available to BBM Enterprise users at all times. When a user manually verifies the fingerprint, or scans the QR code directly from the other user's client, in person or through other secure means, BBM Enterprise marks that user's copy of the keys as manually verified. Users can examine the manual key verification state of all other users, and they receive notifications when new keys are exchanged. When keys are exchanged using a manual passphrase exchange, BBM Enterprise automatically marks the keys as manually verified. Under an automatic passphrase exchange policy, users can still manually verify each other's keys by scanning a QR code or visually comparing key fingerprints.
Regardless of which mechanism is used, BBM Enterprise reports updates in its Feeds list whenever new, different identity keys are exchanged with an automatic passphrase, or when identity keys are manually verified. Users can also inspect the manual verification state of another known user's public keys at any time. Thus, users are always kept apprised of important identity key life cycle events and state.