Opening An Encrypted And Authenticated Connection Between A Tablet And Smartphone; The Bluetooth Pairing Process - Blackberry PlayBook Security Technical Overview

Security Technical Overview
Opening an encrypted and authenticated
connection between a tablet and smartphone
A BlackBerry PlayBook tablet and BlackBerry smartphone perform two pairing processes to open an encrypted and
authenticated connection between each other:
• Bluetooth pairing process to open a Bluetooth connection
• BlackBerry Bridge pairing process to provide a level of security that is greater than what the Bluetooth pairing
process provides
During the Bluetooth pairing process, the tablet and smartphone share a Bluetooth key to encrypt and decrypt
data that is sent between the tablet and smartphone.
During the BlackBerry Bridge pairing process, the tablet and smartphone share a BlackBerry Bridge pairing key to
authenticate the connection and encrypt and decrypt data that is sent between the tablet and smartphone.
During the BlackBerry Bridge pairing process, the tablet and smartphone also share the BlackBerry Bridge work
key if the smartphone was activated on a BlackBerry Enterprise Server. The tablet uses the 512-bit BlackBerry
Bridge work key and XTS-AES-256 to encrypt the keys that encrypt and decrypt the work data that the tablet
stores.
A user can start a Bluetooth pairing process and BlackBerry Bridge pairing process on a tablet or smartphone in
one step. To start the pairing processes, the user can add a smartphone in the Paired Device options on the tablet
or in the BlackBerry Bridge application on the device.
If the BlackBerry PlayBook tablet user presses and holds the power key to reset the tablet, the tablet erases the
BlackBerry Bridge work key from memory.

The Bluetooth pairing process

Bluetooth technology permits a BlackBerry PlayBook tablet and a BlackBerry smartphone to open a wireless
connection between each other.
Bluetooth profiles on the tablet and smartphone specify how Bluetooth enabled applications can connect and run.
The Bluetooth Serial Port Profile that is on the tablet and smartphone specifies how the tablet and smartphone
can open a serial connection between each other using a virtual serial port.
By default, a tablet and smartphone include the following Bluetooth security features:
• A user can turn off the Bluetooth technology for the tablet or smartphone. You can turn off the Bluetooth
technology for the smartphone using IT policies.
• A user must request a connection, or pairing, between the tablet and smartphone. A user can connect a tablet
and smartphone by scanning a barcode or manually configuring the connection (and typing a shared secret to
complete the pairing).
• If a user connects or reconnects a tablet to a smartphone that requires a password, the user must type the
smartphone password on the tablet.
• A user can delete a Bluetooth connection between a tablet and smartphone in the Bluetooth settings on a tablet.
8

Opening an encrypted and authenticated connection between a tablet and smartphone

4