PINDROP BLOG

BlackBerry Messenger Decryption Tactic Could Be Revealed

A decision in a years-old Canadian murder case that involved the police intercepting and decrypting more than a million encrypted BBM messages could reveal the technique that law enforcement used to get those encrypted messages.

The case centers on a murder in Montreal several years ago of an alleged Mafia member. During the investigation, the Royal Canadian Mounted Police were able to intercept and read BBM messages exchanged by suspects in the murder. BBM messages are encrypted from end to end and should not be readable by anyone other than the sender and recipient. However, the RCMP developed a technique that enabled them to decrypt the messages exchanged by the targets of their investigation. They eventually arrested and convicted seven people in connection with the murder, partially based on evidence collected in the BBM messages.

“Over one million private messages were intercepted and analysed as evidence using the PIN to PIN interception technique. This was the first time that this technique was used on such a large scale in a major investigation in North America,” the RCMP said in a statement at the time of the arrests in 2014.

During the trial, the prosecutors asked the judge to prevent publication of details about their interception and decryption technique, a request that the judge granted. But a hearing today could change that. The CBC reports that a judge today will consider whether to lift that publication ban, allowing the decryption technique to become public. It has been reported that the RCMP may operate a server that impersonates BlackBerry’s own BBM server, which would allow the agency to intercept and decrypt those messages.

Although BBM messages are encrypted during transmission, the BlackBerry Messenger system is set up so that there is one master key on every device that encrypts the messages. Access to that key in some way would give the RCMP the decryption capability. How, or if, they got access to that key would be the big revelation. There are other potential methods by which the RCMP could have intercepted and decrypted the messages, but they would likely involve some break in the implementation of the encryption scheme used in BlackBerry devices or other technical attacks.

If the judge in Quebec agrees to lift the publication ban, it would give researchers valuable insight into how law enforcement is able to execute operations such as this one.
