No `master key` to access encrypted data: RIM
As India`s deadline of August 31 over access to its ultra-encrypted messenger and email services approaches, BlackBerry maker RIM said it has no "master key" or "back door" to accommodate requests for access to encrypted data.
Toronto: As India`s deadline of August 31 over access to its ultra-encrypted messenger and email services approaches, BlackBerry maker Research In Motion (RIM) said it has no "master key" or "back door" to accommodate requests for access to encrypted data.
In a bid to dispel what it called three "misperceptions" about its smart phone on Thursday, the Canadian company said misperception number one is that "RIM has the keys to decode or decrypt the encrypted data that flows through the BlackBerry Enterprise Solution."
However, the company said, "RIM does not possess a `master key,` nor does any `back door` exist in the system that would allow RIM or any third party, under any circumstances, to gain access to encrypted corporate information.
"In order to provide corporate customers with the necessary confidence that the transmission of their valuable and confidential data is completely secure, the BlackBerry security architecture for enterprise customers was purposely designed to exclude the capability for RIM or any third party to read encrypted information. RIM would simply be unable to accommodate any request for a copy of a customer`s encryption key since at no time does RIM, ever possess a copy of the key.``
Referring to another misperception that "locating BlackBerry Infrastructure within India, or within any particular geography, will somehow aid the government`s access to encrypted information,`` RIM said, "In fact, the BlackBerry Enterprise Server security architecture was also purposefully designed to perform as a global system independent of geography. The location of infrastructure and the customer`s choice of wireless network are irrelevant factors from a security perspective where end-to-end encryption is employed.
"The transmission of encrypted data is no more decipherable or less secure based on the location of RIM`s BlackBerry Infrastructure or the customer`s selection of a wireless network. All data remains encrypted at all times and through all points of transfer between the customer`s BlackBerry Enterprise Server and the customer`s device (at no point in the transfer is data decrypted and re-encrypted).
"Therefore, locating BlackBerry Infrastructure in a particular geography does not in any way aid or offer access to the encrypted information that flows through the BlackBerry Infrastructure.``
About the third misperception that "RIM has offered solutions to certain governments and denied the same to others,`` the wireless giant said, "In fact, while RIM does not disclose confidential regulatory discussions that take place with any government, RIM assures both its customers in India and the Government of India that RIM maintains a consistent global standard for lawful access requirements that does not include special deals for specific countries.``