This advisory applies to:
• BlackBerry Enterprise Server version 4.0 and later for IBM Lotus Domino
• BlackBerry Enterprise Server version 4.0 and later for Microsoft Exchange

The BlackBerry Solution uses symmetric key cryptography to encrypt and decrypt the data that the BlackBerry Enterprise Server and the BlackBerry device send between them.

The BlackBerry Enterprise Server version 4.0 or later for Microsoft Exchange and the BlackBerry Enterprise Server version 4.0 or later for Lotus Domino allow the administrator to set one or both of two industry standard encryption algorithms for use with BlackBerry transport layer encryption: Triple Data Encryption Standard (Triple DES) and Advanced Encryption Standard (AES). The BlackBerry Enterprise Solution uses Triple DES (112-bit keys) or AES (256-bit keys) to encrypt and decrypt data that the BlackBerry Enterprise Server and the BlackBerry device send between them.

Note: All versions of the BlackBerry Enterprise Server for Novell GroupWise support AES encryption only.

Research In Motion (RIM) recommends setting the BlackBerry Enterprise Server to use AES transport layer encryption for all communication with BlackBerry devices.

AES was created through a competition to design an algorithm with a better combination of security and performance than Triple DES. It is recognized throughout much of the security industry as the successor to Triple DES, and is also currently approved by the United States Committee on National Security Systems (CNSS) for protecting top secret government information. See http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf for more information.

-- Continue reading download the official PDF