Advances in communication, and the proactive deployment of privacy-enhancing tools and techniques in communication devices such as BlackBerry smartphones, are finally causing heartburn for despots around the world. There is news today that several despotic Middle Eastern governments (as if any of them is not) have requested either that BlackBerry stop selling its smartphones in their nations or that certain services be restricted on those devices.
Here is a Bloomberg story on that, and here is Reuters’ take on it too. I am sure the encryption mechanism in question is the Elliptic Curve Cryptographic libraries available on all BlackBerry devices since 2006, after BlackBerry followed the NSA to license the libraries from Certicom. I wrote a thesis (for my Master’s degree) on the use of ECC in mobile devices, particularly smartphones, in 2004, and it is quite satisfying not only to see that prediction coming to pass but also to observe that the crypto systems are robust enough (at least for now) to forestall their defeat by more pedestrian means.
This news appeared in the business dailies for obvious reasons: there are potential profit impacts for BlackBerry if it cannot devise a politically acceptable solution to meet the demands of the governments of these Middle Eastern nations. Apparently, even India had to deal with its own version of this problem earlier, and it appears there was some agreement with the Indian government in 2008 or so on a way to accommodate its need to eavesdrop on its citizens, without so much as a national debate (what Americans have come to take for granted).
This case is a double-edged sword for all concerned, particularly for BlackBerry. The strength of the ECC in BlackBerry devices and their downstream systems (the BlackBerry enterprise email servers, also used for consumer email solutions at BlackBerry data centers) is one of the reasons the US Secret Service permitted its use by the President of the United States. An elliptic curve based key management system is so efficient that its implementation in devices with small form factors (and thus less powerful processors) can be trusted to provide a similar level of protection and performance as a very high bit RSA key exchange mechanism. The US may already have a lock on ECC interception given its massive investment in code-breaking techniques and its relationship with Certicom (which brings to mind the DES myth). But we’ll see how this plays out in the coming months.
I have not seen any other smartphone with the same level of cryptographic capabilities as the BlackBerry. The most popular ECC libraries are the ones licensed by Certicom, and although ECC has found its way into OpenSSL and other crypto frameworks, its popular adoption, and the value of that adoption, is what is being debated now. Indeed, many users hardly pay any attention to these details, but some business leaders are always cognizant of espionage, as are many government agencies. If the Middle Eastern despots win, that will be a loss for the consumer, e-commerce, etc.