Aug 24, 2010

BlackBerry vs Indian Government

The problem that  India have had with BlackBerry email is that it’s too secure. Understandable,as we know democracy is  to regulate many aspects of their citizens’ lives.  Now somewhere the press started reporting that the that US Government actually has access to encrypted BlackBerry email, So  India - started to say: “Hey, we want that too!”(they don't even have a regulation on normal text messaging n voip . what the hell they gonna do with the encryption key)
So I want to clarify that the US Government does not have the ability to spy on encrypted BlackBerry email.
First, look at this BlackBerry architecture diagram. BlackBerry is a very secure system, when used with a BlackBerry Enterprise Server (BES). The entire content of every packet exchangedbetween a BlackBerry device and its BES is encrypted with a symmetric key (usually AES, sometimes Triple DES) that’s only known to the device and the BES. Each device has a separate key. Keys can be created and exchanged entirely within the corporate firewall, without ever being sent over the public internet (there’s also an exchange mechanism using PKI - a method that’s widely used and secure even outside of BlackBerry) . Both AES and TDES are secure enough that the NIST has approved them for use by the US government in sending classified information. There are no known substantive attacks to AES. 

If thats the issue of National Security ,India should also ban the voip services (skype n google) :)