Table of Contents
Advertisement
BlackBerry Enterprise Solution
Standard BlackBerry message encryption
Standard BlackBerry encryption is designed to encrypt messages that the BlackBerry device sends or that the
BlackBerry Enterprise Server forwards to the BlackBerry device. Standard BlackBerry encryption encrypts the
message
•
from the time a user sends an email message from the BlackBerry device until the BlackBerry Enterprise
Server receives the message
•
from the time the BlackBerry Enterprise Server receives a message sent to a BlackBerry device
user until that user reads the message on the BlackBerry device
When a user sends a message from the BlackBerry device, the BlackBerry Enterprise Server does not encrypt the
message when it forwards the message to the message recipient unless the BlackBerry device user installs
additional secure messaging technology on the BlackBerry device and the BlackBerry Enterprise Server
administrator has enabled the BlackBerry device to use that secure messaging technology to extend the
messaging security. For more information, see "Extending BlackBerry device messaging security" on page 22.
Process for standard BlackBerry message encryption
When a user sends a message from the BlackBerry device, the BlackBerry device and BlackBerry Enterprise
Server use symmetric key cryptography to encrypt and decrypt the message, using the following process:
1.
The BlackBerry device compresses the message.
2.
The BlackBerry device encrypts the message using the message key.
3. The BlackBerry device encrypts the message key using the master encryption key, which is unique to that
BlackBerry device.
4. The BlackBerry device sends the encrypted message key and the encrypted message.
5. The BlackBerry Enterprise Server receives the encrypted message key and the encrypted message from the
BlackBerry device.
6. The BlackBerry Enterprise Server decrypts the message key using the BlackBerry device master encryption
key.
7.
The BlackBerry Enterprise Server decrypts the message using the message key.
8. The BlackBerry Enterprise Server decompresses the message, and then forwards the message to the
intended recipient.
When a BlackBerry device user receives a message, the following occurs:
1.
The BlackBerry Enterprise Server receives the message.
2.
The BlackBerry Enterprise Server compresses the message.
3. The BlackBerry Enterprise Server encrypts the message using the message key.
4. The BlackBerry Enterprise Server encrypts the message key using the user's BlackBerry device master
encryption key.
5. The BlackBerry Enterprise Server sends the encrypted message and the encrypted message key to the user's
BlackBerry device.
6. The BlackBerry device receives the encrypted message and the encrypted message key.
7.
The BlackBerry device decrypts the message key using the master encryption key, which is unique to that
BlackBerry device.
8. The BlackBerry device decrypts the message using the message key.
9. The BlackBerry device decompresses the message, rendering it readable by the BlackBerry device user.
www.blackberry.com
17
Advertisement
Table of Contents
