Appendix L: Protocol for resetting the password on a content-protected BlackBerry device remotely; cryptosystem parameters (BlackBerry Enterprise Solution, Security Technical Overview)

4. The BlackBerry device performs the following actions:
   - picks d randomly
   - calculates D = dP
   - stores D in flash memory
   - calculates K = dB
5. The BlackBerry device uses K to encrypt the current BlackBerry device password, and uses the encrypted password to encrypt the content protection key.
6. The BlackBerry device permanently deletes d and K.

When the BlackBerry device permanently deletes d, the data that remains stored on the BlackBerry device is not sufficient to recover K. Only the BlackBerry Enterprise Server knows b and can recalculate K = dB = dbP = bD if given D.
Appendix L: Protocol for resetting the password on a content-protected BlackBerry device remotely

The protocol for resetting the password on a content-protected BlackBerry device remotely uses elliptic curve cryptography over the NIST-recommended 521-bit elliptic curve over a prime field to derive an encryption key from the IT policy public key that the BlackBerry Enterprise Server generates, and uses that key to encrypt the content protection key using the encrypted BlackBerry device password. When the BlackBerry Enterprise Server administrator tries to set the BlackBerry device password, the BlackBerry device can rely on the BlackBerry Enterprise Server to provide the data required to reconstruct the derived encryption key. The protocol also uses blinding to prevent the BlackBerry Enterprise Server from reconstructing the derived key itself.

Cryptosystem parameters

The BlackBerry Enterprise Server and the BlackBerry device are designed to share the following cryptosystem parameters when using the protocol for resetting the password on a content-protected BlackBerry device remotely.
| Parameter | Description |
|---|---|
| E(Fq) | the NIST-approved 521-bit random elliptic curve over Fq, which has a cofactor of 1 |
| Fq | a finite field of prime order q |
| P | a point of E that generates a prime subgroup of E(Fq) of order p |
| B = bP | the long-term IT policy public and private key pair that the BlackBerry Enterprise Server generates for the BlackBerry device; the BlackBerry Enterprise Server stores b in the BlackBerry configuration database, and sends B to the BlackBerry device in the IT policy |
| D = dP | the key pair that the BlackBerry device creates when it receives B; the BlackBerry device stores D but deletes d to prevent a hardware-based attack from recovering d and B, and then calculating K = dB |
| K = dB | the encryption key that the BlackBerry device uses to encrypt the content protection key |
| r | a short-term random number that the BlackBerry device stores in RAM |
| D' = rD | a blinded version of D |
| K' = bD' = brD = rK | a blinded version of K |
Uppercase letters represent elliptic curve points. Lowercase letters represent scalars. The elliptic curve group operations are additive.
© 2009 Research In Motion Limited. All rights reserved. www.blackberry.com
