Apparently, the Indian government can't crack 256-bit encryption to read protected e-mails on RIM BlackBerrys. It appears RIM is willing to lend a hand, by handing over its (your) keys.
May 21, 2008
Apparently, the Indian government can't crack 256-bit encryption to read protected e-mails on RIM BlackBerrys. It appears RIM is willing to lend a hand, by handing over its (your) keys.According to this story, which ran today in The Economic Times, there's been somewhat of a riff between the Indian Department of Telecom and RIM over BlackBerry's inherently robust (until now) encryption.
Apparently, the Indian government can only break crypto if it's 40 bits, or less. So they asked RIM to fork over the keys that make it possible to decrypt the messages or reduce BlackBerry crypto to 49 bits.
From the story:
"According to officials close to the development, Canadian High Commissioner David Malone and RIM officials met telecom secretary Siddhartha Behura on May 7. "It was explained by RIM that it should be possible for the government to monitor e-mails to nonbusiness enterprise customers," sources told ET. "RIM is considering giving access to individual users' e-mail to the government. Details on this will be provided in two or three weeks," sources said."
So it appears, for now, that corporate users don't have as much to be concerned with.
RIM doesn't have much more to say on the issue:
"A RIM spokesperson said: "RIM operates in more than 135 countries around the world and respects the regulatory requirements of governments. RIM does not comment on confidential regulatory matters or speculation on such matters in any given country.""
I hope RIM grows more of a backbone and "respects" the privacy and security needs of its customers.
Once the keys are public, how long before the cryptography scheme is broken? How long before they're sold to criminals? And where does this stop? Are keys going to be made available to any government that asks?
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024