On Tue, Jan 15, 2002 at 11:37:03AM -0800, georgemw@speakeasy.net wrote:
On 15 Jan 2002, at 10:26, Eric Murray wrote:
On Tue, Jan 15, 2002 at 10:44:46AM -0600, xganon wrote:
We are interested in the 'encryption' used in these over-the-air queries...
ARDIS, the protocol the Blackberry uses, does an XOR with a 32 bit constant of the day.
Eric
You're kidding, right?
Probably not. I haven't seen the spec so I'm not 100% sure, but this is the info I dug up after 10 minutes of googling. http://www.counterpane.com/crypto-gram-9904.html "And the Mobitex protocol used by ARDIS and RAM mobile for wireless email is another example of something that is complex for error correction and robustness but has essentially no security. And software for monitoring this circulates around the net as well. ARDIS does use XORing with a 32 bit constant of the day to provide some fig leaf of security, but obviously determining the constant is trivial..." Sad, isn't it? Eric