Microsoft Office Password Protection

Microsoft Office password protection is a security feature that allows Microsoft Office documents (e.g. Word, Excel, PowerPoint) to be protected with a user-provided password.


Types

There are two types of passwords that can be set on a document:

* A password to encrypt a document restricts opening and viewing it. This is possible in all Microsoft Office applications. Since Office 2007, such documents are hard to break into if a sufficiently complex password was chosen. If the password can be determined through social engineering, the underlying cipher is not important.
* Passwords that do not encrypt but restrict modification; these can be circumvented.
** In Word and PowerPoint the password restricts modification of the entire document.
** In Excel passwords restrict modification of the workbook, a worksheet within it, or individual elements in the worksheet.


History of Office encryption


Weak encryptions

Excel and Word 95 and prior editions use a weak protection algorithm that converts a password into a 16-bit verifier and a 16-byte XOR obfuscation array key. Software that finds the 16-byte key and decrypts such a password-protected document is now readily available. Office 97, 2000, XP and 2003 use RC4 with 40-bit keys; the implementation contains multiple vulnerabilities rendering it insecure. Office XP and 2003 added the option to use a custom protection algorithm: choosing a non-standard Cryptographic Service Provider (CSP) allows increasing the key length. Weak passwords can still be recovered quickly even when a custom CSP is in use.


AES since Office 2007

In Office 2007, protection was significantly enhanced by using AES as the cipher. Using SHA-1 as the hash function, the password is hashed 50,000 times to stretch it into a 128-bit key before the document can be opened; as a result, the time required to crack it is vastly increased, similar to PBKDF2, scrypt or other KDFs. Office 2010 also employed AES with a 128-bit key, but the number of SHA-1 iterations doubled to 100,000. Office 2013 uses 128-bit AES, again with SHA-1 as the default hash algorithm. It introduces SHA-512 hashes in the encryption algorithm, making brute-force and rainbow table attacks slower. Office 2016 uses, by default, 256-bit AES, the SHA-2 hash algorithm, 16 bytes of salt and CBC (cipher block chaining). Attacks that target the password include dictionary attacks, rule-based attacks, brute-force attacks, mask attacks and statistics-based attacks. Attacks can be sped up through multiple CPUs, including in the cloud, and through GPGPU (applicable only to Office 2007-10 documents).
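As an added illustration (not code from the original article or from Microsoft), the following Python toy reproduces the kind of counter-prefixed iterated hashing the section describes and lets a defender measure how the iteration count (50,000 versus 100,000 spins, SHA-1 versus SHA-512) scales the cost of each password guess and therefore the time an exhaustive search would need. The counter-prefix layout, the UTF-16LE password encoding and the plain truncation to the AES key size are assumptions made for the demo, not details taken from the page.

```python
import hashlib
import struct
import time

def stretch_password(password, salt, spin_count, hash_name="sha1"):
    """H0 = H(salt || password), then spin_count rounds of H_i = H(LE32(i) || H_{i-1}).

    The counter prefix and UTF-16LE password encoding are assumptions about
    the Office layout, not details taken from the article.
    """
    h = hashlib.new(hash_name, salt + password.encode("utf-16-le")).digest()
    for i in range(spin_count):
        h = hashlib.new(hash_name, struct.pack("<I", i) + h).digest()
    return h

def derive_key(password, salt, spin_count, key_bits=128, hash_name="sha1"):
    """Truncate the stretched hash to the AES key size (a simplification)."""
    h = stretch_password(password, salt, spin_count, hash_name)
    if len(h) * 8 < key_bits:
        raise ValueError(f"{hash_name} digest too short for a {key_bits}-bit key")
    return h[: key_bits // 8]

def measure_guess_rate(spin_count, hash_name="sha1", seconds=0.2):
    """Password guesses per second one CPU core manages at this spin count."""
    salt = bytes(range(16))  # constructed sample salt
    start, n = time.perf_counter(), 0
    while time.perf_counter() - start < seconds:
        derive_key(f"guess{n}", salt, spin_count, hash_name=hash_name)
        n += 1
    return n / (time.perf_counter() - start)

def exhaustive_search_hours(alphabet_size, length, guesses_per_second):
    """Hours to try every password of the given length at the measured rate."""
    return alphabet_size ** length / guesses_per_second / 3600

if __name__ == "__main__":
    # The settings the article lists (50,000 and 100,000 SHA-1 spins) plus a
    # SHA-512 variant, costed against an 8-character lowercase password space.
    for spins, hname, bits in [(50_000, "sha1", 128), (100_000, "sha1", 128),
                               (100_000, "sha512", 256)]:
        rate = measure_guess_rate(spins, hname)
        hours = exhaustive_search_hours(26, 8, rate)
        print(f"{hname:7s} {spins:>7d} spins AES-{bits}: {rate:7.1f} guesses/s, "
              f"26^8 space in {hours:,.0f} h on one core")
```

The single-core figures are only a baseline; the section notes that multiple CPUs, cloud instances and GPGPU multiply the guess rate, which is why the spin count and password complexity both matter.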


Excel worksheets and macro protection

The protection for worksheets and macros is necessarily weaker than that for the entire workbook, since the software itself must be able to display or use them. For XLSX files that can be opened but not edited there is another attack: because the file format is a group of XML files within a ZIP archive, unzipping the file and replacing workbook.xml (and/or the individual worksheet XML files) with identical copies in which the unknown key and salt are replaced with a known pair or removed altogether allows the sheets to be edited.

