Blackberry PlayBook Tablet Tinjauan Teknis Keamanan - Halaman 37

Jelajahi secara online atau unduh pdf Tinjauan Teknis Keamanan untuk Tablet Blackberry PlayBook Tablet. Blackberry PlayBook Tablet 46 halaman. Tablet
Juga untuk Blackberry PlayBook Tablet: Spesifikasi (21 halaman), Spesifikasi (21 halaman), Panduan Pengguna (48 halaman), Informasi Keamanan dan Produk (19 halaman), Panduan Pengguna (42 halaman), Panduan Memulai Cepat (2 halaman), Ui Manuallines (39 halaman), Panduan Pengguna (34 halaman)

Blackberry PlayBook Tablet Tinjauan Teknis Keamanan
Security Technical Overview
Attacks that the BlackBerry Bridge pairing
process is designed to prevent
The BlackBerry Bridge pairing process is designed to help protect the connection between the BlackBerry PlayBook
tablet and BlackBerry smartphone from the following types of attacks:

Brute-force attack

Online dictionary attack

Eavesdropping

Impersonating a smartphone
Man-in-the-middle attack
Small subgroup attack
Brute-force attack
A brute-force attack occurs when a potentially malicious user tries all possible keys and guesses what the
encryption key is. The BlackBerry Bridge pairing key is 256 bits long, which makes a brute-force attack
computationally infeasible.
Online dictionary attack
An online dictionary attack occurs when a potentially malicious user uses feedback to determine the correct
password. For example, during the key agreement protocol, the potentially malicious user might try to guess the
shared secret between the BlackBerry PlayBook tablet and BlackBerry smartphone.
The ECDH protocol permits the potentially malicious user to only guess the shared secret one time. If the guess is
incorrect, the BlackBerry PlayBook tablet user must restart the pairing process, which creates a new shared secret
before the potentially malicious user guesses again.
Eavesdropping
An eavesdropping event occurs when a potentially malicious user monitors the communication that occurs
between a BlackBerry PlayBook tablet and BlackBerry smartphone. The goal of the potentially malicious user is to
determine the BlackBerry Bridge pairing key on the tablet and smartphone and then use the key to decrypt the
data that the tablet and smartphone send between each other.
Because the BlackBerry Bridge uses the ECDH algorithm to generate the BlackBerry Bridge pairing key, a
potentially malicious user must solve the ECDH problem to compute the key. Solving this problem is equivalent to
solving the DH problem, which is considered computationally infeasible.

Attacks that the BlackBerry Bridge pairing process is designed to prevent

9
35