Welcome to Port3101.org : Your BES Connection Mark forums read | View Forum Leaders
Port3101.org : Your BES Connection



Reply
LinkBack Thread Tools Display Modes
KB13160 - BES encryption algorithms and the impact to BlackBerry smartphone users
 
  #1 (permalink)  
Old 05-26-2009, 02:09 PM
hdawg's Avatar
Proprietor
 
Join Date: Nov 2008
Posts: 2,257
Blog Entries: 147
Default KB13160 - BES encryption algorithms and the impact to BlackBerry smartphone users

KB13160 - BlackBerry Enterprise Server encryption algorithms and the impact to BlackBerry smartphone users


Environment

  • BlackBerry® Enterprise Server version 4.0 to 4.1.6



Overview

BlackBerry Enterprise Server uses two types of encryption algorithms:
  • Triple Data Encryption Standard (Triple DES)
  • Advanced Encryption Standard (AES)
BlackBerry Enterprise Server encryption algorithms can be implemented in three ways:
  1. Triple DES
  2. AES
  3. Triple DES and AES (both encryption types are supported and any BlackBerry smartphone using Triple DES will eventually be upgraded to AES)
If the encryption algorithm is to be changed on the BlackBerry Enterprise Server from one setting to another, the following must be considered:
  1. When changing from Triple DES encryption to AES encryption - BlackBerry smartphone users must manually regenerate an encryption key from the smartphone. For more information, see KB10836.
  2. When changing from AES encryption to Triple DES encryption - BlackBerry smartphone users must manually regenerate an encryption key from the smartphone. For more information, see KB10836.
  3. When changing from Triple DES encryption to Triple DES and AES encryption - BlackBerry smartphone users will be automatically be updated to AES encryption.
  4. When changing from AES encryption to Triple DES and AES encryption - nothing will change because the BlackBerry smartphone is already using AES encryption.
  5. When changing from Triple DES and AES encryption to AES encryption - nothing will change because the BlackBerry smartphone is already using AES encryption.
  6. When changing from Triple DES and AES encryption to Triple DES encryption - BlackBerry smartphone users will have to manually regenerate an encryption key from the BlackBerry smartphone. For more information, see KB10836.
In environments where there is more than one BlackBerry Enterprise Server sharing a single BlackBerry Configuration Database, the option to move a BlackBerry smartphone user from one BlackBerry Enterprise Server to another BlackBerry Enterprise Server is available. If the encryption algorithms are different between the two BlackBerry Enterprise Servers, different scenarios occur as follows:
  1. When a BlackBerry smartphone user is moved from a BlackBerry Enterprise Server with Triple DES and AES encryption selected to a BlackBerry Enterprise Server with Triple DES encryption, the BlackBerry smartphone must be re-activated because the encryption will be downgrading to from AES encryption to Triple DES encryption.
  2. When a BlackBerry smartphone user is moved from a BlackBerry Enterprise Server with Triple DES encryption to a BlackBerry Enterprise Server with Triple DES and AES encryption selected, the BlackBerry smartphone user will continue to use the smartphone Triple DES encryption until a new encryption key is generated either manually, through the policy interval settings on the BlackBerry Enterprise Server or 30 days passes. The new key will use AES encryption.
  3. When a BlackBerry smartphone user is moved from a BlackBerry Enterprise Server with Triple DES encryption to a BlackBerry Enterprise Server with AES encryption, the BlackBerry smartphone will have to be re-activated.
  4. When a BlackBerry smartphone user is moved from a BlackBerry Enterprise Server with AES encryption to a BlackBerry Enterprise Server with Triple DES encryption, the BlackBerry smartphone will have to be re-activated.
  5. When a BlackBerry smartphone user is moved from a BlackBerry Enterprise Server with AES encryption to a BlackBerry Enterprise Server with Triple DES and AES encryption selected, there will be no change in the encryption on the BlackBerry smartphone.
__________________
http://blog.port3101.org/hdawg/
Reply With Quote
Sponsored Links
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
KB11260 - How to seamlessly move BlackBerry smartphone users from one BES to another hdawg Featured BlackBerry KB Articles 1 08-30-2009 12:24 PM
KB11638 - Add and remove BlackBerry smartphone users from a BES hdawg Featured BlackBerry KB Articles 0 06-16-2009 11:20 AM
KB04725 - Identifying BlackBerry smartphone encryption method hdawg Featured BlackBerry KB Articles 0 06-02-2009 08:32 PM
KB10287 - Unable to add BlackBerry smartphone users in BlackBerry Manager hdawg Featured BlackBerry KB Articles 0 05-26-2009 09:56 AM
KB17760 - BlackBerry smartphone users are able to run apps after being disabled hdawg Featured BlackBerry KB Articles 0 05-26-2009 12:59 AM


All times are GMT -4. The time now is 10:20 AM.
Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2019, vBulletin Solutions, Inc.


 

SEO by vBSEO 3.3.2 PL2