Is Word 2007 Encryption Secure?

There was an interesting discussion on one of the mailing lists I follow the other day, with people trying to figure out if the password encryption used in Word 2007 is secure. As most of us know, older versions are easily cracked; however, the more recent versions are supposed to be more secure. In the discussion there were lots of guesses but no concrete answers.

Finally Bob Weiss, who does stuff like this for a living over at Password Crackers, Inc. up in MD, chimed in with a very informative response. Since I thought a wider audience might be interested in his answer, I contacted Bob and after a few edits he gave me permission to post it here. Enjoy!

#####

Word 2007 uses AES 128-bit encryption; however, the key is transmitted along with the document (otherwise you couldn’t open it). The key is itself encrypted and this is where the questions about the implementation come in.

Generally attacks against Word are not an attack against AES but rather an attack on the protection of the key. A key is created from the 50,000 SHA-1 hashed rounds of the password combined with the document_id. Then both the key and the hash of the key are encrypted using this new key. When the password is presented for decryption, the process runs again in reverse. The key is encrypted and hashed and this hash is compared to the hash of the key that was encrypted originally. If you gave the correct password, the key is correct and the file is decrypted. If you didn’t, then the key will not be correct. Right now, it is easier to attack the key protection scheme than the AES encryption.

So for the purposes of security analysis, you wouldn’t ask how strong is AES-128 but instead how strong is the algorithm protecting the AES key. The answer right now is … pretty strong. The 50,000 rounds of SHA-1 make a brute-force attack very slow or require significant resources. The state of the art is huge arrays of FPGAs to accelerate the testing; however, this hardware is very expensive and not fast enough to assure password recovery in a reasonable length of time. Unless a user chooses an easy password, but password strength is always a potential vulnerability.

So how secure is it? Let’s say that I would be comfortable locking something important in a .docx or .xlsx without any additional encryption. If you want, you can always wrap the file in another container such as .zip, .rar, .pgp, etc. Each of these is pretty secure as long as you use a strong password and that password is also stored securely.

#####

Robert Weiss is founder and owner of Password Crackers, Inc. He specializes in counter-cryptography and cryptanalysis. He can be contacted at pwcrack theatsign pwcrack dot com.
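
Added example (not part of Bob Weiss's response or the original post): a sketch of the password-to-key stretching described above and of what the 50,000 rounds cost per guess. The byte layout follows Microsoft's published MS-OFFCRYPTO "standard encryption" derivation and should be treated as an assumption; the response's document_id is modeled as a per-document salt, and the salt and hash rate are constructed values.

```python
import hashlib
import struct

SPIN_COUNT = 50_000   # SHA-1 rounds quoted in the response
KEY_BYTES = 16        # AES-128 key length


def derive_key(password: str, salt: bytes, spin_count: int = SPIN_COUNT) -> bytes:
    """Stretch a password into an AES-128 key (layout assumed from MS-OFFCRYPTO)."""
    # H0 = SHA1(salt || password as UTF-16LE)
    h = hashlib.sha1(salt + password.encode("utf-16-le")).digest()
    # Hn = SHA1(LE32(n) || Hn-1): the deliberately slow part
    for n in range(spin_count):
        h = hashlib.sha1(struct.pack("<I", n) + h).digest()
    # Hfinal = SHA1(Hn || LE32(block number 0))
    h = hashlib.sha1(h + struct.pack("<I", 0)).digest()

    def expand(pad: int) -> bytes:
        # 64 bytes of `pad`, with Hfinal XORed into the first 20 bytes
        block = bytes(b ^ pad for b in h) + bytes([pad]) * (64 - len(h))
        return hashlib.sha1(block).digest()

    return (expand(0x36) + expand(0x5C))[:KEY_BYTES]


def sha1_calls_per_guess(spin_count: int = SPIN_COUNT) -> int:
    # 1 initial hash + spin_count rounds + 1 final hash + 2 expansion hashes
    return spin_count + 4


def years_to_exhaust(alphabet: int, length: int, sha1_per_second: float,
                     spin_count: int = SPIN_COUNT) -> float:
    """Worst-case time to try every password of exactly `length` characters."""
    keyspace = alphabet ** length
    seconds = keyspace * sha1_calls_per_guess(spin_count) / sha1_per_second
    return seconds / (365 * 24 * 3600)


if __name__ == "__main__":
    salt = bytes(range(16))          # constructed 16-byte salt, not from a real file
    print(derive_key("correct horse", salt).hex())
    rate = 1e9                       # constructed attacker rate: 1e9 SHA-1/s
    for size, length in ((26, 8), (62, 8), (95, 10)):
        print(size, length, f"{years_to_exhaust(size, length, rate):.3g} years")
```

Password verification (decrypting the stored verifier and comparing its hash) needs AES and is left out; the sketch covers only the stretching step that sets the per-guess cost.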

15 comments for “Is Word 2007 Encryption Secure?”

  1. September 6, 2011 at 11:56 pm

    #NOVABLOGGER: Is Word 2007 Encryption Secure? http://t.co/WX8AQpt http://t.co/8sDfMyY

  2. September 7, 2011 at 7:41 am

    Is Word 2007 Encryption Secure? http://t.co/h8HsEs7 Informative post tells you what’s REALLY going on in there..

  3. September 7, 2011 at 11:30 am

    Are encrypted Word 2007 docs secure? Let’s assume U choose a strong pwd http://t.co/RhcnDVC <- Hopefully link works.

  4. September 7, 2011 at 11:00 pm

    Is Word 2007 Encryption Secure?: [nova#infosecportal.com] There was an interesting discussion that took place on… http://t.co/GotehQB

  5. September 9, 2011 at 4:22 pm

    IN CASE U MISSED IT: Is Word 2007 Encryption Secure? http://t.co/NU3JXRZ

  6. September 9, 2011 at 4:23 pm

    IN CASE U MISSED IT: Is Word 2007 Encryption Secure? http://t.co/fHiKdoq

  7. April 17, 2012 at 6:42 am

    Interesting article: How secure is the encryption (function) of Office 2007? http://t.co/WVGn04dc

  8. April 24, 2012 at 8:22 am

    Best Of: Is Word 2007 Encryption Secure? http://t.co/GqycbJj5

  9. May 25, 2012 at 3:32 pm

    Best Of: Is Word 2007 Encryption Secure? http://t.co/Gqy7E9ib

  10. June 28, 2012 at 4:16 pm

    Is Word 2007 Encryption Secure? http://t.co/CHk3uuuD | Microsoft got the implementation for protecting the encryption key right.

  11. November 16, 2012 at 9:17 am

    Best Of: Is Word 2007 Encryption Secure? http://t.co/fnA6lsvO

  13. March 16, 2013 at 11:20 am

    Best Of: Is Word 2007 Encryption Secure? http://t.co/ekeF01ktXK

  14. February 18, 2014 at 10:36 pm

    Best Of: Is Word 2007 Encryption Secure? http://t.co/i5pKGuWL5E

  15. February 28, 2014 at 10:45 pm

    Best Of: Is Word 2007 Encryption Secure? http://t.co/x1Q4LGckQL
