Blackberry security – Statement from RIM:

From “The Times of India” – Blackberry refuses to help on security

NEW DELHI: The stand-off between the Indian government and BlackBerry manufacturer Research in Motion (RIM) intensified on Tuesday, with RIM stating that it would not “compromise the integrity and security of the BlackBerry Enterprise Solution“. It added that “RIM would simply be unable to accommodate any request for a copy of a customer’s encryption key since at no time does RIM, or any wireless network operator, ever possess a copy of the key”.

Security agencies are concerned that BlackBerry’s encrypted services could pose a national security threat. They have been seeking access to these services.

However, in a statement titled “Customer Update”, RIM said, “The BlackBerry security architecture for enterprise customers is based on a symmetric key system whereby the customer creates their own key and only the customer ever possesses a copy of their encryption key. RIM does not possess a master key, nor does any back door exist in the system that would allow RIM or any third party to gain unauthorized access to the key or corporate data.”

“The BlackBerry security architecture for enterprise customers is purposefully designed to exclude the capability for RIM or any third party to read encrypted information under any circumstances. RIM would simply be unable to accommodate any request for a copy of a customers encryption key since at no time does RIM, or any wireless network operator, ever possess a copy of the key,” explained the statement.

It also said that the location of data centres and the customers choice of wireless network are “irrelevant factors from a security perspective since end-to-end encryption is utilized…and all data remains encrypted through all points of transfer between the customers BlackBerry Enterprise Server and the customers device.”

Notes on the above:

The things that RIM did not say about security in their carefully worded statement are perhaps as noteworthy as the things they did say.  After a brief perusal of RIM’s own security documentation and various statements quoted in the news, I came to the conclusion that:

• RIM rightly states they never have access to the encryption key.  However, they say nothing about the decryption/authentication key(s).  In other words, RIM cannot overcome the integrity and authenticity assurance features in their communications security design, but they might potentially be able to breach the confidentiality of data transmitted via their own servers.
• Corporate/ Enterprise data is outside RIM’s control and RIM might never see those data, but this does not tell us anything about data transmitted to/from personal Blackberry devices.  These data, apparently, travel to the device either via RIM’s own servers in Canada or in RIM’s servers in the UK.  They have not stated that they do not have access to these data.

In other words, there is an easy solution to the crisis:

• RIM should grant legal wiretaps as justified by legitimate law-enforcement agencies according to internationally agreed standards.  (So far as I am aware, no international conventions exist yet to govern such disclosures.)  In other cases, RIM should continue protecting and developing their security infrastructure, and the privacy of their law-abiding clients.
• Governments should stop knocking on RIM’s door, asking for data that only corporations can provide.  Those governments should instead put pressure on the corporations controlling their own Enterprise Blackberry servers, to release any data those governments suspect to be related to criminal activity.  RIM should restrict Blackberry Enterprise Solution sales to those customers with the culture, resources and infrastructure to make legitimate disclosures, and not make inappropriate disclosures of employee data (i.e., if RIM has reason to suspect that a potential Blackberry Enterprise Solution customer could not support the dual principles of data protection and legitimate disclosure, the sale should not go ahead.)

Of course, this leads us back into the standard debate, of the proper boundaries between individual rights to privacy and governmental responsibilities to assuring security to their people.  There are potential dangers on all sides.  If governments are given too much scope for snooping on private data, we might soon find government agents using their privileges for inappropriate purposes – or using purported criminal investigations as a premise for extorting trade secrets from foreign corporations to divulge these secrets to domestic industries and give the latter an unfair advantage.  On the other hand, how are we to know that the concerns of the Indian, Saudi Arabian and U.A.E. governments are not fully legitimate?

Considering the apparent advantages of RIM’s technology, in integrity and authentication, and for public servants and enterprises at least, the benefits of confidentiality; governments, enterprises and individuals should all favour RIM’s Blackberry encryption technology over and above their competition.  If only the rest of the internet followed RIM’s lead, we might see an end to spam, and innocent pensioners in Britain might stop being accused of downloading contraband copies of pornography; at least, until the bad guys find a way to circumvent RIM’s technology.  We might yet see the beginning of international agreement on the legitimate rights of governments and individuals; and it might start from one of the most unlikely of sources – a trade dispute over RIM’s access to emerging markets.