BlackBerry has released an update to the BlackBerry Spark Communications Platform for developers. The biggest change to this release (R6) is that developers no longer have to manage their own Key Management Service (KMS). When you create your domain, you now have the option to have BlackBerry Manage and distribute your cryptographic keys. This means that you no longer have to build or manage your own cloud storage system and integrate it with Spark.
KMS is a cloud-based solution that stores and shares keys used to secure messages, voice, and video. KMS stores a user’s private and chat keys to be restored by other endpoints that are owned by that same user. KMS shares a user’s public encryption and signing keys with all other users in the system.
All private and chat keys are encrypted and signed with an AES256-GCM management key by the endpoint before being stored in KMS. The management key itself is also stored in KMS after being encrypted and signed with an AES256-GCM key that is derived from an application-supplied secret using the Argon2id key derivation function. This secret can be a user-supplied password or a secret managed by the application on behalf of the user. The key that is derived from this secret is never stored in KMS or on the endpoints.
By using both a derived key and a management key in this way, KMS lets your application change what secret is used to protect the securely stored keys without requiring re-encryption of all stored keys.
It should be highlighted that developers still have the option to store and distribute the cryptographic keys used to protect communications with a KMS if they want, as in R5. This is quite simply done by leaving the “Use Key Management Service” checkbox empty.
BlackBerry Spark Communications Platform allows developers to easily snap rich chat, voice, video and data transfer and secure file sharing, contact cards, media, location, whiteboards and other business data with both low- and high-bandwidth streaming. BlackBerry Spark Communications Platform leverages the global BlackBerry communications infrastructure, designed to meet the most demanding enterprise requirements. ISVs can build rich interactive apps for their enterprise customers with an IP-based platform with proven scale and security.
BlackBerry entering CPaaS market is much more than just an sdk
BlackBerry Spark Communications Platform offers seamless integration into applications, high performance at scale, high availability and enterprise-grade reliability—all without having to deploy complex and costly infrastructure. IP-based infrastructure provides enhanced scalability safeguards against system outages and unanticipated usage spikes that can compromise service, user experience and app adoption.
The BlackBerry Spark Communications Platform is available for Android, iOS and Web here.