BlackBerry Smart Card Reader Version 2.0 Security Technical Overview
BlackBerry Smart Card Reader security
The BlackBerry® Smart Card Reader is designed to prevent offline and online dictionary attacks using the follow
Security method Description code signing Before a user can run a permitted third-party application that uses the controlled APIs on the Black
• prevent third-party applications that have obtained a digital signature from the Research In Motion signing authority system from using the BlackB
IT policy rule Description Maximum Connection Heartbeat Period This rule specifies the maximum heartbeat period, in seconds. During each hear
IT policy rule Description Maximum PC Long Term Timeout This rule specifies the maximum time, in hours, after a computer and the BlackBerry S
Card Reader and the BlackBerry device or computer. By default, the secure pairing PIN is 8 characters long and is case-sensitive. If your organizatio
4. The BlackBerry Smart Card Reader creates a list of all the algorithms that it supports and sends the supported algorithms list to the BlackBerry
The connection key establishment protocol uses the ECDH algorithm that the initial key establishment protocol negotiates. The ECDH algorithm provides
For more information about variables used in this process, see “BlackBerry Smart Card Reader shared cryptosystem parameters”. The connection key esta
• The BlackBerry device binds to the installed smart card automatically by storing the smart card binding information in a BlackBerry device NV stor
Proximity authentication
Proximity authentication is an authentication method that permits a user to unlock a BlackBerry® device using the BlackBerry
factor content protection mandatory or optional, or to prevent a user from configuring it, you can use the Two-factor Content Protection Usage IT pol
BlackBerry Smart Card Reader supported algorithms
Algorithm type Algorithm elliptic curve (default) • 571-bit Koblitz Curve (EC571K1) • 521-bit Ra
Connection key establishment protocol errors
During the connection key establishment protocol process, if an error occurs on the BlackBerry® device,
Application layer protocol encryption and authentication
By default, each data packet that a BlackBerry® device or computer and the BlackBerry® Smart
BlackBerry Smart Card Reader shared cryptosystem parameters
The BlackBerry® Smart Card Reader and a BlackBerry device or computer with the BlackBerry
Examples of attacks that the BlackBerry Smart Card Reader security protocols are designed to prevent
Eavesdropping
An eavesdropping event occurs when
yxS = yxzP, for some z such that S = zP. To calculate yxP from yzxP without knowledge of z corresponds to solving the discrete logarithm problem, whi
Smart card binding information
When you or a user turns on two-factor authentication on a BlackBerry® device, the BlackBerry device binds to the inst
BlackBerry Smart Card Reader reset process
When a user resets the BlackBerry® Smart Card Reader, the BlackBerry Smart Card Reader performs the follow
Related resources
Resource Information BlackBerry Enterprise Solution Security Technical Overview • preventing the decryption of information at an
Glossary
AES Advanced Encryption Standard
API application programming interface
CBC cipher block chaining
ECDH Elliptic Curve Diffie-Hellman
HMAC key
Provide feedback
To provide feedback on this deliverable, visit www.blackberry.com/docsfeedback.
Legal notice
Document ID: 25979072 version 3 ©2009 Research In Motion Limited. All rights reserved. BlackBerry®, RIM®, Research In Motion®, SureType®
should not install or use Third Party Products and Services until all necessary licenses have been acquired. Any Third Party Products and Services th
BlackBerry Smart Card Reader
The BlackBerry® Smart Card Reader is an accessory that, when used in proximity to certain Bluetooth® enabled BlackBerry
New in this release
Feature Description proximity authentication Proximity authentication is an authentication method that permits a user to unlock
System requirements
The BlackBerry® Smart Card Reader supports the following software and BlackBerry devices: BlackBerry Enterprise Server software
System architecture
The BlackBerry® Smart Card Reader is designed to connect to a Bluetooth® enabled BlackBerry device and a Bluetooth enabled comput
BlackBerry Enterprise Solution security
The BlackBerry® Enterprise Solution is designed to encrypt data that is in transit at all points between a Bl
Restricting Bluetooth technology on a Bluetooth enabled computer
On a Bluetooth® enabled computer, when a Bluetooth wireless adaptor exists and is tu