According to a Russian company Elcomsoft, a weakness in the way BlackBerry has implemented the apparently secure 256-bit AES encryption in its PC and Mac backup program BlackBerry Desktop Software makes it possible to carry out a successful password recovery attack on the backup archive with relative ease. "Using systems running an Intel Core i7 CPU, they were able to break the 7-character unlock codes required to decrypt the files created by RIM's BlackBerry Desktop software in about 30 minutes. But wait, it gets better (or worse): with added muscle from a capable GPU, they figure that amount of time could be reduced even further."
"In short, standard key-derivation function, PBKDF2 [password-based key derivation function], is used in a very strange way, to say the least. Where Apple has used 2,000 iterations in iOS 3.x, and 10,000 iterations in iOS 4.x, BlackBerry uses only one," says Elcomsoft's Vladimir Katalov in an explanatory blog posting.
The encryption is also carried out using the desktop or Mac PC, rather than the smartphone itself, which means that the data is exchanged in unencrypted form, Katalo adds.