On Aug 10, 2011, at 12:19 53PM, Perry E. Metzger wrote:

> On Wed, 10 Aug 2011 11:59:53 -0400 John Ioannidis <j...@tla.org> wrote:
>> On Tue, Aug 9, 2011 at 8:02 PM, Sampo Syreeni <de...@iki.fi> wrote:
>>> Thus, why not turn the Trusted Computing idea on its head? Simply
>>> make P2P public key cryptography available to your customers, and
>>> then bind your hands behind your back in an Odysseian fasion,
>>> using hardware means? Simply make it impossible for even yourself
>>> to circumvent the best cryptographic protocol you can invent,
>>> which you embed in your device before ever unveiling it, and then
>>> just live with it?
>> "Customers"? There is no profit in any manufacturer or provider to
>> build that kind of functionality.
> Blackberry already more or less has that functionality, which
> disproves your hypothesis.
More precisely, Blackberry email is encrypted from the recipient's
Exchange server to the mobile device.

The scenario is corporate email; the business case is that RIM could
claim that they *couldn't* read the email; they never had it in the
clear.  However, that's only true for that service.  For personal
Blackberries, there is no corporate-owned server doing the encryption.

The service in question here, though, is Blackberry Messenger.  There
seems to be some confusion about whether or not such messages are
encrypted, and if so under what circumstances.  One link
 says that they're not, in any meaningful form.  More
says that they aren't.

The most authoritative source is RIM itself.  P 27 of
http://docs.blackberry.com/16650/ confirms the CSE document.

Looking at things more abstractly, there's a very difficult key 
management problem for a decentralized, many-to-one encryption service.
Here, you're either in CA territory or web of trust territory.  In
this case, are the alleged perpetrators of the riots careful enough
about to which keys they're sending the organizing messages?  If
the pattern is anything like Facebook friending, I sincerely doubt

                --Steve Bellovin, http://www.cs.columbia.edu/~smb

The cryptography mailing list

Reply via email to