We don’t have ‘master key’ to access encrypted data: BlackBerry (Lead)

August 27th, 2010 - 4:11 pm ICT by IANS  

By Gurmukh Singh
Toronto, Aug 27 (IANS) With India’s Aug 31 deadline for access to its ultra-encrypted messenger and email services approaching, BlackBerry maker Research In Motion (RIM) said it has no “master key” or “back door” to accommodate requests for access to encrypted data.

In a bid to dispel what it called three “misperceptions” about its smart phone, the Canadian company Thursday said that the first misperception is that “RIM has the keys to decode or decrypt the encrypted data that flows through the BlackBerry Enterprise Solution”.

The company said: “RIM does not possess a ‘master key’, nor does any ‘back door’ exist in the system that would allow RIM or any third party, under any circumstances, to gain access to encrypted corporate information.”

“In order to provide corporate customers with the necessary confidence that the transmission of their valuable and confidential data is completely secure, the BlackBerry security architecture for enterprise customers was purposely designed to exclude the capability for RIM or any third party to read encrypted information. RIM would simply be unable to accommodate any request for a copy of a customer’s encryption key since at no time does RIM, ever possess a copy of the key.”

Referring to another misperception that “locating BlackBerry Infrastructure within India, or within any particular geography, will somehow aid the government’s access to encrypted information”, RIM said: “In fact, the BlackBerry Enterprise Server security architecture was also purposefully designed to perform as a global system independent of geography.”

“The transmission of encrypted data is no more decipherable or less secure based on the location of RIM’s BlackBerry Infrastructure or the customer’s selection of a wireless network. All data remains encrypted at all times and through all points of transfer between the customer’s BlackBerry Enterprise Server and the customer’s device (at no point in the transfer is data decrypted and re-encrypted).

“Therefore, locating BlackBerry Infrastructure in a particular geography does not in any way aid or offer access to the encrypted information that flows through the BlackBerry Infrastructure.”

About the third misperception that “RIM has offered solutions to certain governments and denied the same to others”, the wireless giant said: “RIM assures both its customers in India and the government of India that RIM maintains a consistent global standard for lawful access requirements that does not include special deals for specific countries.”

The BlackBerry maker Thursday said that use of strong encryption in wireless technology was not unique to them.

In what analysts and the media here described as an attempt by RIM to buy time from India and drag competitors into the issue, RIM Thursday issued the statement to shift focus from its messenger service to encrypted data generally.

“The use of strong encryption in wireless technology is not unique to the BlackBerry platform. It is unquestionably an industry wide matter,” RIM argued in its statement.

The BlackBerry maker, which has more than one million subscribers in India, said: “Strong encryption has become a mandatory requirement for all enterprise-class wireless email services today and is also a fundamental commercial requirement for any country to attract and maintain international business.

“Similarly strong encryption is currently used pervasively in traditional VPNs (Virtual Private Networks) on both wired and wireless networks in order to protect corporate, government and law enforcement communications.”

Singling out and banning the BlackBerry solution, the statement said, would be “ineffective and counter-productive”.

The statement said that RIM “is extending an offer to the government of India whereby RIM would lead an industry forum focused on supporting the lawful access needs of law enforcement agencies while preserving the legitimate information security needs of corporations and other organisations in India”.

The statement said that “…RIM has assured the government of India of its continued support and respect for India’s legal and national security requirements”.

Stressing that strong encryption is an important industry matter in a booming India, RIM said: “Three facts are clear. First, as India continues its path of strong economic growth and increasing international business, the need to protect the integrity and security of sensitive corporate information through strong encryption-based information and communications services will grow.”

Banning such services would severely limit the effectiveness and productivity of India’s corporations.

“Second, many countries around the world are putting in place additional policies and processes to properly address this challenge and prevent the misuse of strong encryption technologies.

“Third, this challenge can only be truly overcome if the Information and Communications Technology industry comes together as a whole to work with the government of India.”

(Gurmukh Singh can be contacted at gurmukh.s@ians.in)

Related Stories

Tags: , , , , , , , , , , , , , , , , , , ,

Posted in Business |