User:ChupaCabraChups/sandbox

Microsoft Office password types
All MS Office applications offer several types of password that can be set to a document. These passwords can be divided into 2 groups depending on whether they encrypt a password-protected document or not.

Passwords that do not encrypt a password-protected document are mostly different for each of MS Office applications:

These password types are widely believed to be created for MS Office document sharing rather than preventing other people from getting access to secret data the document may contain. Because of the lack of document encryption, all the passwords mentioned above can not reliably protect a document from a trespasser. Most password-cracking software can remove such protection from a password-protected document in almost no time.
 * In Microsoft Word, they comprise password to modify a document, and password to restrict formatting and editing a document.
 * In Microsoft Excel, they are password to modify a document, password to protect a worksheet, password to protect workbook, and password to protect shared workbook.
 * In Microsoft PowerPoint, it is password to modify a document.

The only password that encrypts a document is password to open a document. It is enabled to set this type of password in all MS Office applications. If a user fails to enter a correct password to the field which appears after an attempt to open a password-protected document, viewing and editing the document becomes unavailable. Due to encryption of a document protected by a password to open, a trespasser needs to decrypt the document to get access to its contents. To hamper Office document decryption, Microsoft has been consecutively enhancing Office encryption algorithm strength.

Microsoft Office document encryption
Like it was already mentioned, the only password that encrypts a password-protected document and prevents an intruder from getting access to user’s information kept in the document is password to open a document.

Office 95 and prior editions feature a rather weak protection algorithm that converts a password to a 16-bit key. Nowadays, most password crackers can find a 16-bit key and decrypt the password-protected document instantly.

Key length in Office 97/2000 was increased to 40 bits. This protection algorithm is currently considered to be weak and presents no difficulties to cracking software that features an option of MS Office protection breaking.

The default protection in Office XP/2003 was not changed but an opportunity to use a custom protection algorithm was added. Choosing a non-standard Cryptographic Service Provider allows increasing a key length so that a key which was used to encrypt a document can’t be found. However, password-cracking programs can enter multiple random passwords with the same speed, so use of CSPs does not slow down password recovery at all. Weak passwords can still be recovered fast enough even if a custom CSP is on.

In Office 2007, protection was significantly enhanced since a modern protection algorithm named Advanced Encryption Standard started being used. No computer can currently break a protection which exploits a 128-bit key. With the help of SHA-1 hash function, a password is converted into a 128-bit key 50000 times before document opening, and because of that, password recovery speed was vastly reduced.

Office 2010 still employs AES and a 128-bit key, but the number of SHA-1 conversions was doubled and now comprises 100000. Therefore, password recovery speed was reduced two times just as well.

Microsoft Office password recovery attacks
There are a number of attacks that can be employed to find a password or remove protection from MS Office documents at all.

Password removal can be done with the help of precomputation tables or a guaranteed decryption attack.

Attacks that allow to find the original password set in MS Office are as follows: dictionary attack, rule-based attack, brute-force attack, mask attack, statistics-based attack.

Efficiency of the attacks can be considerably enhanced if one of the following means is applied: multiple CPUs (distrubuted attack), GPGPU (applicable only to MS Office 2007-2010 documents), cloud computing. Cloud computing services are currently the most efficient.