From: Guy Macon (http://www.guymacon.com)
Date: Tue, 19 Oct 2004 15:52:53 +0000
Markus Jansson <firstname.lastname@example.org> says...
>We had this discussion before but nobody gave any info or comment about
>it, so let's try it again.
>OpenOffice uses cipher (Which I cant remember) in OFB mode with salt.
>The salt is very small, I recall it was 24bits. Now, since OFB is
>basically a stream cipher, if the same salt is used twice with the same
>key, it's easy to break it. Now, the key is created, if I recall
>correctly, from the passphrase with the salt.
>So, if you use the same passphrase to encrypt several documents, it's
>possible that the salt will be the same. Of course, someone can do a
>bruteforcing against the small salt.
>Why is it done so insecurely? Why isn't the salt larger (let's say 128-bit)
>and encryption key generated by making a hash (let's say SHA-256) from
>passphrases+salt together? This would make it much harder to crack it,
>since the same encryption key would not repeat easily even if the same
>passphrase is used.
You are more likely to get a discussion if you do your homework first.
See [ http://www.catb.org/~esr/faqs/smart-questions.html ] for details.
Writing "cipher (Which I cant remember)" and "I recall it was 24bits"
is not likely to get a good discussion going.
To prove my point, I will now set a timer and do exactly five minutes
of web searching ... <5 minute pause> ... Done. Here is what I found:
OpenOffice seems to have two encryption algorithms. One is there
so it can work with Microsoft's password protected files (which means
that it has to do things Microsoft's way; if you don't like the
encryption, complain to Bill Gates.) I think it uses arcfour, but did
not choose to search further once I found that it was Microsoft's.
The other encryption algorithm used in OpenOffice is XML encryption.
See _XML Encryption Syntax and Processing W3C Recommendation_ at
[ http://www.w3.org/TR/xmlenc-core/ ], where you will find:
REQUIRED TRIPLEDES KeyWrap
REQUIRED AES-128 KeyWrap
REQUIRED AES-256 KeyWrap
OPTIONAL AES-192 KeyWrap
RECOMMENDED XML Digital Signature
OPTIONAL Canonical XML (omits comments)
OPTIONAL Canonical XML with Comments
OPTIONAL Exclusive XML Canonicalization (omits comments)
OPTIONAL Exclusive XML Canonicalization with Comments
...with URLs for each.
You can, of course, encrypt OpenOffice files with PGP just like any
other file if you don't like the way OpenOffice does things.
That's how much I found out from a five minute Google search.
Isn't that better than "cipher (Which I cant remember)" and
"I recall it was 24bits"?
I suggest that you read the following carefully.
How To Ask Questions The Smart Way
Also, it would be a nice contribution to the discussion if you
were to research the algorithm OpenOffice uses to work with
Microsoft's password protected files and to post the details here.
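
The keystream-reuse concern raised in the quoted question, as an added example that is not part of the original post or of OpenOffice's code. It assumes the salt doubles as the OFB starting block and uses SHA-256 as a stand-in for the block cipher; the 24-bit salt size is the figure recalled in the question, not a verified property of OpenOffice.

```python
import hashlib
import math

def derive_key(passphrase: bytes, salt: bytes) -> bytes:
    # Derivation proposed in the quoted question: hash of passphrase + salt.
    return hashlib.sha256(passphrase + salt).digest()

def keystream(key: bytes, iv: bytes, n: int) -> bytes:
    # OFB-style feedback: each block is F(key, previous block), independent
    # of the plaintext. SHA-256 stands in for the block cipher (assumption).
    out, block = b"", iv
    while len(out) < n:
        block = hashlib.sha256(key + block).digest()
        out += block
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(passphrase: bytes, salt: bytes, plaintext: bytes) -> bytes:
    # Assumption: the salt is also the starting block of the keystream.
    key = derive_key(passphrase, salt)
    return xor(plaintext, keystream(key, salt, len(plaintext)))

def collision_probability(salt_bits: int, documents: int) -> float:
    # Birthday approximation: chance that at least two of `documents`
    # uniformly random salts are equal.
    space = 2.0 ** salt_bits
    return -math.expm1(-documents * (documents - 1) / (2.0 * space))

def reuse_leak(salt: bytes):
    # Two constructed documents, same constructed passphrase, same salt.
    p1 = b"Quarterly report: revenue up 4%."
    p2 = b"Meeting moved to Friday at noon."
    c1 = encrypt(b"hunter2", salt, p1)
    c2 = encrypt(b"hunter2", salt, p2)
    # The keystream cancels, so the ciphertext XOR equals the plaintext XOR.
    return xor(c1, c2), xor(p1, p2)

if __name__ == "__main__":
    leak, expected = reuse_leak(b"\x00\x01\x02")
    print("keystream cancels:", leak == expected)
    for bits in (24, 128):
        print(bits, "bit salt, 5000 docs:", collision_probability(bits, 5000))
```

With a 24-bit salt the chance of a repeat passes one half at roughly 5000 documents under one passphrase, while a 128-bit salt makes a repeat negligible.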