Blackberry Smart Card Reader Betriebsanweisung

BlackBerry Smart Card Reader Version 2.0 Security Technical Overview

BlackBerry Smart Card Reader security The BlackBerry® Smart Card Reader is designed to prevent offline and online dictionary attacks using the follow

11 Security method Description code signing Before a user can run a permitted third-party application that uses the controlled APIs on the Black

• prevent third-party applications that have obtained a digital signature from the Research In Motion signing authority system from using the BlackB

13 IT policy rule Description Maximum Connection Heartbeat Period This rule specifies the maximum heartbeat period, in seconds. During each hear

14 IT policy rule Description Maximum PC Long Term Timeout This rule specifies the maximum time, in hours, after a computer and the BlackBerry S

Card Reader and the BlackBerry device or computer. By default, the secure pairing PIN is 8 characters long and is case-sensitive. If your organizatio

4. The BlackBerry Smart Card Reader creates a list of all the algorithms that it supports and sends the supported algorithms list to the BlackBerry

The connection key establishment protocol uses the ECDH algorithm that the initial key establishment protocol negotiates. The ECDH algorithm provides

For more information about variables used in this process, see “BlackBerry Smart Card Reader shared cryptosystem parameters”. The connection key esta

• The BlackBerry device binds to the installed smart card automatically by storing the smart card binding information in a BlackBerry device NV stor

Contents BlackBerry Smart Card Reader ...

Proximity authentication Proximity authentication is an authentication method that permits a user to unlock a BlackBerry® device using the BlackBerry

factor content protection mandatory or optional, or to prevent a user from configuring it, you can use the Two-factor Content Protection Usage IT pol

BlackBerry Smart Card Reader supported algorithms Algorithm type Algorithm elliptic curve (default) • 571-bit Koblitz Curve (EC571K1) • 521-bit Ra

Connection key establishment protocol errors During the connection key establishment protocol process, if an error occurs on the BlackBerry® device,

Application layer protocol encryption and authentication By default, each data packet that a BlackBerry® device or computer and the BlackBerry® Smart

BlackBerry Smart Card Reader shared cryptosystem parameters The BlackBerry® Smart Card Reader and a BlackBerry device or computer with the BlackBerry

Examples of attacks that the BlackBerry Smart Card Reader security protocols are designed to prevent Eavesdropping An eavesdropping event occurs when

yxS = yxzP, for some z such that S = zP. To calculate yxP from yzxP without knowledge of z corresponds to solving the discrete logarithm problem, whi

Smart card binding information When you or a user turns on two-factor authentication on a BlackBerry® device, the BlackBerry device binds to the inst

BlackBerry Smart Card Reader reset process When a user resets the BlackBerry® Smart Card Reader, the BlackBerry Smart Card Reader performs the follow

BlackBerry Smart Card Reader shared cryptosystem parameters...25 Examples of attack

Related resources Resource Information BlackBerry Enterprise Solution Security Technical Overview • preventing the decryption of information at an

Glossary AES Advanced Encryption Standard API application programming interface CBC cipher block chaining ECDH Elliptic Curve Diffie-Hellman HMAC key

Provide feedback To provide feedback on this deliverable, visit www.blackberry.com/docsfeedback. 32

Legal notice Document ID: 25979072 version 3 ©2009 Research In Motion Limited. All rights reserved. BlackBerry®, RIM®, Research In Motion®, SureType®

should not install or use Third Party Products and Services until all necessary licenses have been acquired. Any Third Party Products and Services th

BlackBerry Smart Card Reader The BlackBerry® Smart Card Reader is an accessory that, when used in proximity to certain Bluetooth® enabled BlackBerry

New in this release Feature Description proximity authentication Proximity authentication is an authentication method that permits a user to unlock

System requirements The BlackBerry® Smart Card Reader supports the following software and BlackBerry devices: BlackBerry Enterprise Server software

System architecture The BlackBerry® Smart Card Reader is designed to connect to a Bluetooth® enabled BlackBerry device and a Bluetooth enabled comput

BlackBerry Enterprise Solution security The BlackBerry® Enterprise Solution is designed to encrypt data that is in transit at all points between a Bl

Restricting Bluetooth technology on a Bluetooth enabled computer On a Bluetooth® enabled computer, when a Bluetooth wireless adaptor exists and is tu