Canadian law enforcement obtained BlackBerry Global encryption Key

A report published by the VICE News confirmed that the Canadian law enforcement obtained the BlackBerry encryption Key under the investigation Op Clemenza.

BlackBerry is probably the first mobile vendor that implemented end-to-end encryption to protect communications of its users. Now an embarrassing report published by Vice News revealed that BlackBerry has shared a master Key to crack BlackBerry Messenger encryption with the Canadian Law enforcement.

According to the report, the Royal Canadian Mounted Police (RCMP) received a global decryption key for BlackBerry mobile devices since 2010, according to a new report from Vice News published yesterday.

“A high-level surveillance probe of Montreal’s criminal underworld shows that Canada’s federal policing agency has had a global encryption key for BlackBerry devices since 2010.” reports the Vice News.

According to the report, the Canadian police used the global encryption key for BlackBerry to decrypt over 1 Million messages sent through the BlackBerry Messenger(BBM) service by suspects in a two-year long criminal investigation.

The investigation was coded Operation Clemenza.

“The revelations are contained in a stack of court documents that were made public after members of a Montreal crime syndicate pleaded guilty to their role in a 2011 gangland murder. The documents shed light on the extent to which the smartphone manufacturer, as well as telecommunications giant Rogers, cooperated with investigators.” continues the Vice News.

“According to technical reports by the Royal Canadian Mounted Police that were filed in court, law enforcement intercepted and decrypted roughly one million PIN-to-PIN BlackBerry messages in connection with the probe.”

The report confirms that the company used the same global encryption key to protect all its customers, even when the devices use by private companies used encryption keys generated by their servers.

The circumstance is disconcerting because it implies that the Canadian police had the opportunity to spy on government and business clients using BlackBerry devices.

Both BlackBerry and the Royal Canadian Mounted Police fought against the order to provide details about their cooperation.

It is still not clear how the Canadian authorities obtained the global encryption key, neither if they are still in possession of the keys.

It is easy to speculate that the company gave the keys to the Royal Canadian Mounted Police.

The Vice News reported a statement of the RCMP included in one of the document it analyzed that confirmed the Canadia Government had obtained “the key that would unlock the doors of all the houses of the people who use the provider’s services, and that, without their knowledge.”

It seems that BlackBerry changed its global encryption key after the conclusion of the “Project Clemenza.”

Let’s wait for an official comment from the company.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Surveillance, global encryption key)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.