Blackberry PlayBook Tablet Technisch overzicht beveiliging - Pagina 37

Blader online of download pdf Technisch overzicht beveiliging voor {categorie_naam} Blackberry PlayBook Tablet. Blackberry PlayBook Tablet 46 pagina's. Tablet
Ook voor Blackberry PlayBook Tablet: Specificaties (21 pagina's), Specificaties (21 pagina's), Gebruikershandleiding (48 pagina's), Veiligheid en productinformatie (19 pagina's), Gebruikershandleiding (42 pagina's), Snelstarthandleiding (2 pagina's), Ui Manuallijnen (39 pagina's), Gebruikershandleiding (34 pagina's)

Security Technical Overview

Attacks that the BlackBerry Bridge pairing

process is designed to prevent

The BlackBerry Bridge pairing process is designed to help protect the connection between the BlackBerry PlayBook

tablet and BlackBerry smartphone from the following types of attacks:

•

•

•

•

Impersonating a smartphone

•

Man-in-the-middle attack

•

Small subgroup attack

Brute-force attack

A brute-force attack occurs when a potentially malicious user tries all possible keys and guesses what the

encryption key is. The BlackBerry Bridge pairing key is 256 bits long, which makes a brute-force attack

computationally infeasible.

Online dictionary attack

An online dictionary attack occurs when a potentially malicious user uses feedback to determine the correct

password. For example, during the key agreement protocol, the potentially malicious user might try to guess the

shared secret between the BlackBerry PlayBook tablet and BlackBerry smartphone.

The ECDH protocol permits the potentially malicious user to only guess the shared secret one time. If the guess is

incorrect, the BlackBerry PlayBook tablet user must restart the pairing process, which creates a new shared secret

before the potentially malicious user guesses again.

Eavesdropping

An eavesdropping event occurs when a potentially malicious user monitors the communication that occurs

between a BlackBerry PlayBook tablet and BlackBerry smartphone. The goal of the potentially malicious user is to

determine the BlackBerry Bridge pairing key on the tablet and smartphone and then use the key to decrypt the

data that the tablet and smartphone send between each other.

Because the BlackBerry Bridge uses the ECDH algorithm to generate the BlackBerry Bridge pairing key, a

potentially malicious user must solve the ECDH problem to compute the key. Solving this problem is equivalent to

solving the DH problem, which is considered computationally infeasible.