1. Manuals
  2. Brands
  3. Blackberry Manuals
  4. Software
  5. ENTERPRISE SOLUTION SECURITY - ENTERPRISE SOLUTION - SECURITY...
  6. Overview

Encryption Algorithms That The Blackberry Device Supports For Use With Layer 2 Security Methods - Blackberry ENTERPRISE SOLUTION SECURITY - ENTERPRISE SOLUTION - SECURITY TECHNICAL Overview

Hide thumbs
Table of Contents

Advertisement

BlackBerry Enterprise Solution
Authentication method
EAP-TTLS
EAP-FAST
EAP-SIM
Encryption algorithms that the BlackBerry device supports for use with layer 2 security
methods
Protocol
Description
WEP
For more information about WEP, see "Requiring
protected connections to enterprise Wi-Fi networks" on
page 49.
©
2009 Research In Motion Limited. All rights reserved.
Description
EAP-TTLS is designed to extend EAP-
TLS by enabling authentication from
the authentication server to the
supplicant. When the authentication
server has used its certificate to
authenticate to the supplicant
successfully and established a
secure connection to the BlackBerry
device, the server can use an
authentication protocol over the
established secure connection to
authenticate the supplicant.
EAP-FAST is defined in RFC 4851.
EAP-FAST uses PAC dynamically to
establish a TLS connection to the
BlackBerry device and verify the
supplicant credentials over the TLS
connection.
EAP-SIM is defined in RFC 4186. It
uses the GSM SIM for authentication
and session key distribution. GSM
SIM authentication uses a
challenge-response method without
mutual authentication.
BlackBerry device implementation
The BlackBerry device supports EAP-MS-
CHAPv2 and MS-CHAPv2 as second-
phase protocols that the BlackBerry
device can use with EAP-TTLS for the
authentication credential exchange.
The root certificates of the
authentication server certificate need to
exist on the Wi-Fi enabled BlackBerry
device for EAP-TTLS authentication to
complete successfully.
The BlackBerry device supports EAP-MS-
CHAPv2 and EAP-GTC as second-phase
protocols that the BlackBerry device can
use with EAP-FAST for the authentication
credential exchange.
The BlackBerry device supports using
EAP-SIM with the credentials on the
GSM SIM only. The user does not need to
type or select credentials on the
BlackBerry device.
The user identity that EAP-SIM uses for
authentication on the BlackBerry device
is built from the IMSI according to the
3GPP technical specification 3GPP-TS-
23.003.
The BlackBerry device can receive at
least two challenges from the
authentication server to provide stronger
authentication.
Wi-Fi enabled BlackBerry
device implementation
The Wi-Fi enabled BlackBerry
device supports the use of WEP
keys.
www.blackberry.com
84

Advertisement

Table of Contents
loading

Related Manuals for Blackberry ENTERPRISE SOLUTION SECURITY - ENTERPRISE SOLUTION - SECURITY TECHNICAL

Related Content for Blackberry ENTERPRISE SOLUTION SECURITY - ENTERPRISE SOLUTION - SECURITY TECHNICAL

This manual is also suitable for:

Enterprise server 4.1

Table of Contents