Presentation is loading. Please wait.

Presentation is loading. Please wait.

ELKAT Security Engineering Ltd. Poland Activity Plan Avi Arbili Regional Sales Director – Europe Cell:+972-(0) 52 – 3910006 Tel: +972-(0)3-5604744 Fax:

Published byElmer Byrd Modified over 9 years ago

Similar presentations

Presentation on theme: "ELKAT Security Engineering Ltd. Poland Activity Plan Avi Arbili Regional Sales Director – Europe Cell:+972-(0) 52 – 3910006 Tel: +972-(0)3-5604744 Fax:"— Presentation transcript:

1 ELKAT Security Engineering Ltd. Poland Activity Plan Avi Arbili Regional Sales Director – Europe Cell:+972-(0) 52 – 3910006 Tel: +972-(0)3-5604744 Fax: +972-(0)3-5604745 avia@elkat.co.il www.elkat.co.il

2 Military Grade Encryption Systems Secure Lock 3G BBM Full security suite to your BBM chat

3 BlackBerry Messenger ( BBM PIN-to-PIN )  Only possible between BlackBerry devices  If permitted by departmental policy, users who know the PINs of other users' BlackBerry device can use the PINs to directly exchange data messages with the other devices across the wireless network (outside the normal e-mail process), thus bypassing the internal departmental e-mail servers and security filters  Addressed to a "PIN" instead of an e-mail address.  A "PIN" is a hardware address, similar to a computer network.  adapter's MAC address, and is unique to every BlackBerry device.  A "PIN" is not an authentication password nor is it a user  identifier. It is the method by which the BlackBerry device is  identified to the RIM relay for the purpose of finding the device within the global wireless service providers' networks.

4 Sending/Receiving PIN-to-PIN Messages In this case, a PIN-to-PIN message sent from a BlackBerry device is forwarded to the RIM relay by the user's wireless service provider as in the case of e-mail. However, for a PIN-to-PIN message, instead of going back through departmental e-mail servers, the relay identifies the destination BlackBerry device by its PIN and forwards the message directly to the destination user's wireless service provider (which may or may not be the same provider as the originating user) for direct delivery to the destination device. How it is works !

5 PIN-to-PIN main security concern !!! PIN-to-PIN is not suitable for exchanging sensitive messages: Although PIN-to-PIN messages are encrypted using Triple-DES, the key used is a global cryptographic "key" that is common to every BlackBerry device all over the world. This means any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry device, if the messages can be intercepted and the destination PIN spoofed. Further, unfriendly third parties who know the key could potentially use it to decrypt messages captured over the air.

6 PIN Address Vulnerability A BlackBerry device that has been used for PIN messaging should not be recycled for re-use. The reason is that the hard- coded PIN cannot be erased or modified, and therefore the PIN does not follow a user to a new device. Even after memory wiping and reloading, the BlackBerry device still has the same PIN identity and will continue to receive PIN messages addressed to that PIN. This can expose unsuspecting users of BlackBerry devices to potential information compromise in the following ways : A new owner of the recycled BlackBerry device could view PIN messages sent from a colleague of the previous owner who is unaware that the message is now going to the wrong recipient (recall that the PIN is a device ID, and not a user ID. A message sent by the BlackBerry device's new owner contains a known PIN credential which might be mistakenly accepted as being from the previous owner )impersonation)

7 Secure Lock 3G BBM & Emails Encryption !! Developed a newBBM application that provides high encryption solution that use the existing PIN mechanism !! Based on the following encryption standard: 1.Keys exchange : Elliptic Curve 384 Bits (approved as equivalent to RSA 7680 Bits by the NSA http://www.nsa.gov/business/programs/elliptic_curve.shtml 2. Encryption : AES 256 (approved for protection TOP SECRET information by the NSA http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml

8  Compatible Networks : WI-FI, 3G, GPRS, UMTS  Full support for worldwide roaming  Peer to peer communication  Communication via PIN messaging infrastructure  Address Book/Presence  Import contacts from Blackberry BBM address book Tree-based buddy-list  Add/Delete contact  Add contact authorization  Contact/own status: Do Not Disturb, Busy etc...  Messaging: Text messaging, Offline text messaging, Messaging history  File transfer Key features

9 Thank You

Download ppt "ELKAT Security Engineering Ltd. Poland Activity Plan Avi Arbili Regional Sales Director – Europe Cell:+972-(0) 52 – 3910006 Tel: +972-(0)3-5604744 Fax:"

Similar presentations

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Akshat Sharma Samarth Shah

Akshat Sharma Samarth Shah
Meganet Corporation VME Office 2004. Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,

Meganet Corporation VME Office Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,
Presentation. Contemporary Communication Fast – connects us quickly without delays Reliable – works always Global – connects us with the whole world Low.

Presentation. Contemporary Communication Fast – connects us quickly without delays Reliable – works always Global – connects us with the whole world Low.
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication E-Mail Security E-Mail Security Secure Sockets Layer Secure.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
Interlock Protocol - Akanksha Srivastava 2002A7PS589.

Interlock Protocol - Akanksha Srivastava 2002A7PS589.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
U N C L A S S I F I E D LA-UR-09-03103 LANL Exchange / Blackberry Deployment June 2, 2009 Anil Karmel Solutions Architect Network and Infrastructure Engineering.

U N C L A S S I F I E D LA-UR LANL Exchange / Blackberry Deployment June 2, 2009 Anil Karmel Solutions Architect Network and Infrastructure Engineering.
Lab4 Part2 Lau Ting Nga Virginia Tsang Pui Yu Wong Sin Man.

Lab4 Part2 Lau Ting Nga Virginia Tsang Pui Yu Wong Sin Man.
Meganet Corporation VME Mail 2004. Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,

Meganet Corporation VME Mail Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

Similar presentations

Ads by Google