Asymmetric encryption for BlackBerry
Darmstadt-based vendor Corisecio GmbH intends to disperse repeated concerns about the smartphone's security architecture with its Mobile PKI for BlackBerry devices. The product consists of a Certificate Authority (CA) which generates the keys and certificates required for communication, and a client that needs to be installed on the mobile device.
Once all the components are in place, any data synchronisation between the Exchange Server and the BlackBerry device will be AES encrypted. According to the vendor it is also possible to use other CAs, for example Microsoft's standard product.
The Federal Office for Information Security in Germany is among those who have voiced worries about BlackBerry's security. At the end of 2008, however, the Fraunhofer Institute for Secure Information Technology found no security flaws. Despite this, a number of companies and government institutions continue to have reservations because all of the data traffic between the mobile devices and the company's Exchange Servers is routed via three network nodes operated by device manufacturer RIM, in the US, in Canada and in the UK. It is feared that intelligence services could gain access to messages there. There has been some concern over the use of BlackBerry devices by prominent public figures, such as US President Barack Obama.
- RIM closes critical holes in BlackBerry
- Fraunhofer SIT certifies BlackBerry security
- Times of India reports alleged BlackBerry decryption
- Critical vulnerability in BlackBerry Enterprise Server [Update]
- BlackBerry receives Common Criteria certification
- This number is not available: DoS vulnerabilities in BlackBerry
- No more BlackBerrys for the French government
- Fraunhofer SIT presents initial results of their BlackBerry study