[Reed McLay]

Mobile firms seek India govt meeting on BlackBerry | Reuters

Indian security agencies want BlackBerry-maker Research in Motion to give them access to algorithms needed to decrypt messages, or face a termination of the service at the end of March. ...

It seems the government of India has asserted the right to monitor communications and they can't deal with the BlackBerry 128 bit security. They want it rolled back to 40 bit encryption, so they can monitor it.

"RIM operates in more than 130 countries around the world and respects the regulatory requirements of governments. RIM does not comment on confidential regulatory matters or speculation on such matters in any given country," a spokeswoman in Hong Kong said.
...

America, Russia and China are among the many nations that have accepted the fact they can not monitor such levels of encryption.

The article goes on to state some 400,000 BlackBerry users could be affected and this would halt sales in this fast growing region on the World.

Advanced Encryption Standard - Wikipedia, the free encyclopedia

June 2003, the US Government announced that AES may be used for classified information:

"The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths. ...

RIM stood firm when Russia and China hesitated over security issues, but they have both accepted the security/privacy package.

[Reed McLay]

UPDATE 1-India says not considering banning BlackBerry | Deals | Regulatory News | Reuters

"There is no question of banning at this point," Telecoms Secretary Siddhartha Behura told reporters on the sidelines of an industry conference.

...

If the distribution of BlackBerrys in India mirrors our experience, all of the top Politicians, Legislators and Executives are among the 400,000 subscribers.

I gather the message worked it's way down to the Telecom Secretary, most likely on his BlackBerry.

[lush242000]

I hope RIM tells India to shove it and accept their service or get lost. Once you give in a little bit, it's all over.

[gregory_opera]

After nearly 10 years, I have just left the Australian telecommunications industry for a career in an unrelated industry, and whilst I am unaware of the specifics of the local BlackBerry systems, I know with 100% certainty that the major service providers all keep an archive of all telecommunications activity made through their services - my sources tell me that it is actually a high-level legal requirement to archive data for at least one month, though I know for certain that at least one of the major service providers here archives data for much longer than this (FYI, this information comes from pretty high up the food chain too!)...


Personally, I find it exceptionally difficult to believe that the Powers that Be don't have the capabilities to monitor BlackBerry-based telecommunications, particularly in the technologically-advanced Western World... I have also seen strong evidence online to suggest that certain countries "absolutely" have such capabilities at hand, to use as they see fit.

And even if I'm wrong, remember that most of your BlackBerry-based telecommunications is routed through Research in Motion's (RIM's) servers, so there is the very real possibility that somewhere in the world (probably in Canada), you BlackBerry-based data is being recorded, ready for authorities to confiscate at a moment's notice.


Oh yeah - it is also public knowledge that ALL Internet traffic in Australia is stregically monitored on the Gold Coast (Queensland, Australia; my home town) for various purposes (mostly in fighting pedophiles though), and this includes wireless Internet traffic, so clearly RIM's security CAN be broken, OR they have provided the decryption keys to the Australian Federal Government...

Either way, if the Australian Federal Police (AFP; the Australian equivalent of the FBI) can see (most of) your BlackBerry telecommunications activity, then how realistic is it that other Governments can't?

Posted from my CrackBerry at wapforums.crackberry.com

[ritesh]

I hope RIM tells India to shove it and accept their service or get lost. Once you give in a little bit, it's all over.

If they had the balls to do it , they would have cared 2 hoots about the whole issue.
Considering the mobile using popluation of India and the potential RIM sees in expanding its user base, tomorrow,I wouldn't be surprised to hear that RIM plans to shut shop in Canada and move to India/China.

N.A. is a already peaked and to make money, RIM will even lick the dirty politicians feet, if the need be.

[Reed McLay]

Advanced Encryption Standard - Wikipedia, the free encyclopedia

As of 2006, the only successful attacks against AES implementations have been side channel attacks. The National Security Agency (NSA) reviewed all the AES finalists, including Rijndael, and stated that all of them were secure enough for US Government non-classified data. In June 2003, the US Government announced that AES may be used for classified information:

...
This marks the first time that the public has had access to a cipher approved by NSA for encryption of TOP SECRET information. Many public products use 128-bit secret keys by default; it is possible that NSA suspects a fundamental weakness in keys this short, or they may simply prefer a safety margin for top secret documents (which may require security decades into the future).

...

Side channel attack - Wikipedia, the free encyclopedia

In cryptography, a side channel attack is any attack based on information gained from the physical implementation of a cryptosystem, rather than theoretical weaknesses in the algorithms. ...

Not even the NSA can decrypt this level of encryption. It has resisted massive parallel attacks and has never been broken.

The side channel reference, the only successful attack got access to the server cache and retrieved a valid key. That can only be accomplished by an attack in very close proximity to the host.

From the moment you press send, the data is encrypted. We expect it to be recorded and archived, that is what servers do. It does not matter who get access to the data, the encryption is strong enough to defeat any attempts at decryption.

[Krishnapr1975]

Hi Guys,
Any body from Bangalore City, INDIA? I wanted to know some best deals for blackberry in Bangalore city especially from Airtel?

Please Help & Guide Me please,

Regards,
Krishna

[sexysweetk22]

wow, this was a very interesting read....

[raylol16]

Good read and that's why so many people have been sueing RIM so they can access these records.

[GWNorris3rd]

India just wants to make cheap knock-offs like all the other stuff coming from there or China!

[moov]

interesting story

[SteveO86]

This story dates back to the beginning of the year, the original post was in 03-12-2008, 02:35 PM.

India really didn't get what they wanted anyway lol.

[Reed McLay]

This story is ancient history now.

The Government of India has "announced" they have successfully hacked AES and are reading everything that the bad guys are posting.

Yea... right.