I find this latest report from German news magazine Der Spiege a bit suspect but it’s worth mentioning. They are claiming based on some new leaks from Edward Snowden that the NSA and it’s UK counterpart have been cracking BES encryption since 2009. We already know that any government can access SMS and BIS traffic on any carrier network. Now this latest leak claims that BlackBerry BES traffic can also be breached.
BlackBerry has long claimed that they do not hold a backdoor key to BES encryption. It all goes encrypted from the device to the BES server using AES encryption. This makes me wonder how in the world the NSA is making their way into that conversation.
According to the leak the NSA has been hitting BlackBerry BES email sinc May 2009, when they ran into temporary difficulties caused by BlackBerry’s messaging protocol changing following and acquisition. Then In March 2010, they were once again able to access the information, Der Spiegel said, citing GCHQ documents marked “UK Secret.”
I still find the claims highly suspect but hopefully we will get a response out of BlackBerry. So far they have not said much other than the fact that they do not have a back door to provide for BES communication. The only real other option I can think of is them having a back door to AES… or possibly having access to the BES server.
Check out more details at Spiegel Online