GCN Tech Blog

By GCN Staff

Blog archive

BlackBerry secure enough for the President

We recently reported that if President Obama was going to use a smart phone in the White House, it would likely have to be something other than a BlackBerry that met National Security Agency specifications. That most likely meant a SME PED – a Secure Mobile Environment Portable Electronic Device that capable of accessing classified networks.

However, an encryption expert familiar with the security design of BlackBerry smart phones, and the enterprise administration systems that support them, tells GCN that a BlackBerry has all the encryption and security provisions a president would need.

Research in Motion (RIM), which makes the BlackBerry, uses Advanced Encryption Standard 256, the strongest encryption method available, and one that is approved for secret levels of communication by the NSA. Each message sent to a BlackBerry is broken into packets, each with a different encryption key code. Even if someone were to intercept a message, the key codes are so large, it would be virtually impossible to decipher them; and the contents in the packets are a meaningless scramble of data until all the packets are reassembled.

Moreover, there are more than 500 policies that an administrator can control regarding how messages are to be delivered, from or to whom, and what Internet applications can be processed. Administrators can even arrange to delete all the data at rest on a BlackBerry if it hasn’t connected to the network within a set number of hours.

BlackBerry can also support additional layers of encryption, including proprietary protocols such as HAIPE, or high assurance Internet protocol encryptor that NSA requires to access the government’s classified Secure IP Router Network (SIPRnet).

HAIPE is like having a lightweight virtual private network client on your smart phone. It loads the same encryption key on all HAIPE devices that will participate in a multicast session in advance of data transmission, creating a secure gateway that allows parties to exchange data over an untrusted or lower-classification network.

The SME PEDs now available by General Dynamics C4S, and soon to be available from L-3 Communications, have the HAIPE protocol built in, along with the ability to switch easily between classified and unclassified government networks, among other features.

“The built in security of the BlackBerry is equal to the SME PED, but the difference is the type of cipher,” said this encryption expert.

HAIPE devices also have their limitations. For one, HAIPE is a big drain on battery power, as SME PED users are quickly discovering. Users report they routinely have to recharge their devices after only two or three hours.

In many ways, BlackBerry smart phones, among others, offer more security to mobile uses than most laptops.

With a BlackBerry, for example, if the operating software detects a set of instructions that don’t conform to the policies set up for a specific device, the software can immediately instruct the device to cancel the user’s privileges or stop it from working altogether.

White House press officials and spokesmen for RIM, General Dynamics and L-3 all refuse to comment on what kind of smart phone President Obama is carrying now, or who is on the commander in chief’s white list.

But if President Obama was intent on using a BlackBerry, there’s nothing about its security features that would prevent him from using one.

Posted by Wyatt Kash on Jan 31, 2009 at 9:39 AM


Featured

  • FCW Perspectives
    tech process (pkproject/Shutterstock.com)

    Understanding the obstacles to automation

    As RPA moves from buzzword to practical applications, agency leaders say it’s forcing broader discussions about business operations

  • Federal 100 Awards
    Federal 100 logo

    Fed 100 nominations are now open

    Help us identify this year's outstanding individuals in federal IT.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.