And the world has suddenly gone paranoid and/or Big-Brother with RIM:
- In the UAE where “The issue … against BlackBerry’s super-secure encrypted services” (Reuters);
- In India where “Indian officials say they need to be able to intercept BlackBerry messages” (Information Week);
- In Indonesia where “We don’t know whether data being sent through BlackBerrys can be intercepted or read by third parties outside the country,” (USA Today).
Their arguments are around the inability by the respective governments to monitor messages due to BlackBerry’s 1) strong encryption products and RIM not willing to share the device’s master-key to break into the messages, and 2) RIM’s central Infrastructure with data-centers in Canada and the UK.
From Reuters article:
“We are very clear that any BlackBerry service that cannot be fully intercepted by our agencies must be discontinued. Offering access to data is part of the telecom licensing guidelines and has to be adhered to,” the newspaper quoted an unnamed security official as saying.
There are two solutions for BlackBerry: 1) BlackBerry Internet Service and 2) BlackBerry Enterprise solution.
The BlackBerry Internet Service is not necessarily that secure:
Email messages and instant messages that are sent between the BlackBerry® Internet Service and your BlackBerry device use the security features of the wireless network. Messages that are sent between your messaging server and the BlackBerry Internet Service are automatically encrypted if the server supports SSL encryption.
Other encryption mechanisms include PGP and S/MIME.
On the other hand, the security in the BlackBerry Enterprise solution is super strong.
The BlackBerry Enterprise Solution offers end-to-end encryption between the BlackBerry device and the BlackBerry Enterprise Server (that resides at the enterprise’s premises) by using Advanced Encryption Standard (AES) or Triple Data Encryption Standard (Triple DES).
The BlackBerry is not PKI-based but uses symmetric cryptography, meaning that there is a master-key. In BlackBerry there is a unique master-key for each device and a per-message-key that are dynamically generated. Messages are encrypted using the per-message key, and the per-message key is in turn encrypted using the master-key. The master-key resides on the device itself as well as inside the BlackBerry Enterprise Server (BES), that again resides at the enterprise’s premises and not at the operator nor Canada or the UK RIM data-centers.
The RIM folks made a public statement as follows:
“The BlackBerry security architecture for enterprise customers is based on a symmetric key system whereby the customer creates their own key and only the customer ever possesses a copy of their encryption key. RIM does not possess a “master key”, nor does any “back door” exist in the system that would allow RIM or any third party to gain unauthorized access to the key or corporate data.”
But what is that article from India Times?
India Times wrote an article BlackBerry to open code for security check that reads:
The company has offered to share with security agencies its technical codes for corporate email services, open up access to all consumer emails within 15 days and also develop tools in 6 to 8 months to allow monitoring of chats, telecom department documents (dated August 2) available with ET show.
So what is it? Is RIM opening or not? What does “technical codes for corporate email services” really means? Master-keys?
Based on BlackBerry’s architecture I don’t see how RIM can accommodate the above request for enterprise users unless RIM show the governments how to break and retrieve the master-keys from the Enterprises servers themselves. But for BlackBerry Internet Service (consumers) yes they can easily do it by just handing over the intercepted messages themselves, unless the messages are encrypted with SSL or PGP or S/MIME in which case it is not RIM’s problem.
What are the implications?
First, what all of the above means is that the issue against RIM is really against BlackBerry enterprise users (i.e. businesses) and that the argument against the central network architecture of the BlackBerry Infrastructure is really inconsequential since regardless of where the central servers reside, across the globe or local to the country, they won’t be able to easily break the symmetric encryption (remember, the master-keys don’t reside at the central data-centers anyway).
(If you think about it, regional servers would actually help RIM alleviate the management of BlackBerry handset-traffic by managing it regionally; assuming there is something to alleviate.)
So what this means is that the issue should not really be about the location of the servers themselves, but the real issue here is obviously the requests by the respective governments to monitor the messages themselves.
The next logical question is: “Must all services that cannot be intercepted must be discontinued in those countries?”
RIM is in over 175 countries and even Obama uses RIM. And the world relies daily on Public-Key cryptography and infrastructure for online transactions and secure messages. If governments were to force a change that would break PKI or BlackBerry for that matter, that will be the end of secure online transactions; you won’t be able to trust online purchases or share information in a secure fashion. If governments can break into it, so will hackers.
Shutting down the BlackBerry services seems unlikely to me. Will RIM be forced to change their architecture/infrastructure to satisfy these governments? Perhaps RIM should do a Google (as when it pulled out of China).
And how is the market responding/treating RIM because of this debacle? “RIM’s Nasdaq-listed shares [RIMM 53.39 -2.14 (-3.85%)] ended down 2.5 percent at $55.53 while its Toronto-listed shares fell 4 percent to C$56.77. (CNBC.com) — and the ironic thing is that I bet you that those same traders are BlackBerry users themselves who wouldn’t think about using their devices without strong encryption…
Related to this: