Parameters that the

BBM Enterprise

key exchange uses

The two key exchange participants (A initiator, B recipient)

Versions of X belonging to A and B

BlackBerry

PIN value for A and B

The highest supported protocol version by each party

Public portion of EC-SPEKE exchange values

Private portion of EC-SPEKE exchange values

Public portion of signing key

Private portion of signing key

Public portion of encryption key

Private portion of encryption key

Symmetric encryption key protecting the confidentiality of the key exchange

Symmetric key protecting the integrity of the key exchange

Initialization Vector nonce associated with encryption using K

enc

Symmetric encryption with K

enc

followed by the addition of a MAC of the ciphertext with K

mac

The inverse of ENCMAC: verification of the MAC with K

mac

, followed by decryption of the authenticated ciphertext using K

enc

A standard KDF function

Generates a non-deterministic key pair based on a shared secret

Generates a raw shared secret with ECDH

Generates a new random Elliptic Curve key pair

A symmetric key used for proving possession of the private key

A public key signature on a hash using ECDSA

Calculates a MAC keyed with secret on data

Message authentication tags for messages #3 and #4

The EC-SPEKE shared secret value between A and B

The prefix value used for cryptographic separation between usages of the same key between different

BBM

applications, protocol versions, and sessions

Shared secrets, shared in-band out-of-band (for details, see Key exchange process)

Indicates concatenation

Indicates separation of concatenated values